This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Testing for Captcha (OWASP-AT-012)
This article is part of the new OWASP Testing Guide v4.
Back to the OWASP Testing Guide v4 ToC: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents Back to the OWASP Testing Guide Project: https://www.owasp.org/index.php/OWASP_Testing_Project
Brief Summary
CAPTCHA ("Completely Automated Public Turing test to tell Computers and Humans Apart") is a type of challenge-response test used by many web applications to ensure that the response is not generated by a computer.
<warning>huhu</warning>
<img alt="Warning" src="//upload.wikimedia.org/wikipedia/commons/thumb/5/51/Attention_niels_epting.svg/18px-Attention_niels_epting.svg.png" width="18" height="18" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/5/51/Attention_niels_epting.svg/27px-Attention_niels_epting.svg.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/5/51/Attention_niels_epting.svg/36px-Attention_niels_epting.svg.png 2x" />Warning:
Description of the Issue
...here: Short Description of the Issue: Topic and Explanation
Black Box testing and example
Testing for Topic X vulnerabilities:
...
Result Expected:
...
References
Whitepapers
...
Tools
...