This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Testing for Input Validation

From OWASP

Revision as of 11:11, 12 October 2006 by Mmeucci (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Data Validation Testing

4.6.1 Cross site scripting
4.6.1.1 Incubated attacks
4.6.1.2 Phishing (using javascript)
4.6.1.3 HTTP Methods + XSS (TRACE)
4.6.2 SQL Injection
4.6.2.1 Oracle, mySQL, SQL Server, TeraData
4.6.2.2 Extended stored procedures
4.6.2.3 Stored procedure injection
4.6.2.4 Oracle +SQLServer ports and attacks
4.6.2.5 Listener attacks etc. 1521 1433 1527
4.6.3 Command Execution
Orm injection 0% TD, ORM Injection, LDAP Injection, XML Injection, SSI Injection, XPath Injection, SQL Injection, IMAP/SMTP Injection, Code Injection, OS Commanding 4.6.4 Buffer overflow Testing
4.6.4.1 Heap overflow
4.6.4.2 Stack overflow
4.6.4.3 Format string

OWASP Testing Guide v2 Table of Contents

Retrieved from "https://wiki.owasp.org/index.php?title=Testing_for_Input_Validation&oldid=10510"