Difference between revisions of "Web Application Penetration Testing"

From OWASP
Jump to: navigation, search
(Web Application Penetration Testing)
(Web Application Penetration Testing)
Line 43: Line 43:
 
Code Injection,
 
Code Injection,
 
OS Commanding<br>
 
OS Commanding<br>
4.6.7 Buffer overflow Testing 100% Review<br>
+
4.6.4 Buffer overflow Testing 100% Review<br>
4.6.7.1 Heap overflow 100% Review<br>
+
4.6.4.1 Heap overflow 100% Review<br>
4.6.7.2 Stack overflow 100% Review<br>
+
4.6.4.2 Stack overflow 100% Review<br>
4.6.7.3 Format string 100% Review<br>
+
4.6.4.3 Format string 100% Review<br>
  
 
4.7 [[Denial of Service Testing AoC|Denial of Service Testing]] (95%, Review)<br>
 
4.7 [[Denial of Service Testing AoC|Denial of Service Testing]] (95%, Review)<br>

Revision as of 18:27, 10 October 2006

OWASP_Testing_Guide_v2_Table_of_Contents

Web Application Penetration Testing

4.1 Introduction and objectives (0%, TD)
4.2 Information Gathering (spider, google) (0%, TD)
4.3 Business logic testing (50%, TD)

4.4 Authentication Testing (50%, TD)
4.4.1 Default or guessable (dictionary) user account 90% TD
4.4.2 Brute Force 0% TD
4.4.3 Bypassing authentication schema 0% TD
4.4.4 Vulnerable remember password and pwd reset 90% TD
4.4.5 Logout and account expiry 0% TD

4.5 Session Management Testing (0%, TD)
4.5.1 Cookie and Session token Manipulation(reg, forg/brute force) 100% Review
4.5.2 Weak session tokens 70% TD
4.5.3 Session Riding 100% Review
4.5.4 Exposed session variables 0% TD
4.5.5 HTTP Exploit 0% TD

4.6 Data Validation Testing (0%, TD)
4.6.1 Cross site scripting 0% TD
4.6.1.1 Incubated attacks 0% TD
4.6.1.2 Phishing (using javascript) 0% TD
4.6.1.3 HTTP Methods + XSS (TRACE) 0% TD
4.6.2 SQL Injection 0% TD
4.6.2.1 Oracle, mySQL, SQL Server, TeraData 0% TD
4.6.2.2 Extended stored procedures 0% TD
4.6.2.3 Stored procedure injection 0% TD
4.6.2.4 Oracle +SQLServer ports and attacks 0% TD
4.6.2.5 Listener attacks etc. 1521 1433 1527 0% TD
4.6.3 Command Execution 0%, TD
Orm injection 0% TD, ORM Injection, LDAP Injection, XML Injection, SSI Injection, XPath Injection, SQL Injection, IMAP/SMTP Injection, Code Injection, OS Commanding
4.6.4 Buffer overflow Testing 100% Review
4.6.4.1 Heap overflow 100% Review
4.6.4.2 Stack overflow 100% Review
4.6.4.3 Format string 100% Review

4.7 Denial of Service Testing (95%, Review)
4.7.1 Locking Customer Accounts 100% Review
4.7.2 Buffer Overflows 100% Review
4.7.3 User Specified Object Allocation 100% Review
4.7.4 User Input as a Loop Counter 100% Review
4.7.5 Writing User Provided Data to Disk 100% Review
4.7.6 Failure to Release Resources 100% Review
4.7.7 Storing too Much Data in Session 90% Review

4.8 Infrastructure and configuration Testing (0%, TD)
4.8.1 Intro and objective 0% TD
4.8.2 Infrastructure configuration management testing 100% TD
4.8.3 Application configuration management testing 100% TD
4.8.4 Old, backup and unreferenced files 100% TD
4.8.5 File extensions handling 90% TD
4.8.6 Analisys of error code 50% TD
4.8.7 SSL/TLS Testing: support of weak ciphers and cert validity 100% TD
4.8.8 Testing defense from Automatic attacks (maybe a duplicate) 10% TD

4.9 Web Services Testing (0%, TD)
4.9.1 XML Structural Attacks 0% TD
4.9.2 XML content-level attacks 0% TD
4.9.3 HTTP GET parameters/REST attacks 0% TD
4.9.4 Naughty SOAP attachments 0% TD
4.9.5 Brute force attacks 0% TD

4.10 AJAX Testing (0%, TD)
4.10.1 Vulnerabilities 0% TD
4.10.2 How to test 0% TD


OWASP_Testing_Guide_v2_Table_of_Contents