Professional Documents
Culture Documents
Web App Penetration Testing List
Web App Penetration Testing List
Web App Penetration Testing List
Information Gathering
Authentication Testing
Authorization Testing
信息分类: 机密
Information Classification: Confidential
Input Validation Testing
信息分类: 机密
Information Classification: Confidential
Client-side Testing
信息分类: 机密
Information Classification: Confidential
Conduct Search Engine Discovery Reconnaissance for Information Leakage
信息分类: 机密
Information Classification: Confidential
Testing for Exposed Session Variables
Testing for Cross Site Request Forgery
Testing for Logout Functionality
Testing Session Timeout
Testing for Session Puzzling
Testing for Weak SSL TLS Ciphers Insufficient Transport Layer Protection
信息分类: 机密
Information Classification: Confidential
Test Number of Times a Function Can Be Used Limits
Testing for the Circumvention of Work Flows
Test Defenses Against Application Misuse
Test Upload of Unexpected File Types
Test Upload of Malicious Files
信息分类: 机密
Information Classification: Confidential