This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Testing for AJAX Vulnerabilities (OWASP-AJ-001)"
From OWASP
Anushshetty (talk | contribs) (→Description of the Issue) |
|||
Line 7: | Line 7: | ||
...here: Short Description of the Issue: Topic and Explanation | ...here: Short Description of the Issue: Topic and Explanation | ||
<br> | <br> | ||
+ | |||
+ | == Vulnerabilties == | ||
+ | |||
+ | There are differnt types of AJAX attacks. Most of the Javascript attacks holds good here. Usually anything to play with the parameters is an attack. | ||
+ | #SQL Injection | ||
+ | |||
== Black Box testing and example == | == Black Box testing and example == | ||
'''Testing for Topic X vulnerabilities:''' <br> | '''Testing for Topic X vulnerabilities:''' <br> |
Revision as of 18:29, 4 November 2006
Brief Summary
..here: we describe in "natural language" what we want to test.
Description of the Issue
...here: Short Description of the Issue: Topic and Explanation
Vulnerabilties
There are differnt types of AJAX attacks. Most of the Javascript attacks holds good here. Usually anything to play with the parameters is an attack.
- SQL Injection
Black Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
Gray Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
References
Whitepapers
...
Tools
...
OWASP Testing Guide v2
Here is the OWASP Testing Guide v2 Table of Contents OWASP Testing Guide v2 Table of Contents
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.