This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Cornucopia - Ecommerce Website - W Joker A"
From OWASP
(Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#fbbb7b;">Cornucopia - Ecommerce Website - W J</span>}} File:Cornucopia_-_Ecommerce_Website_W_Joke...") |
|||
Line 22: | Line 22: | ||
Have you thought about becoming an individual OWASP member? All tools, guidance and local meetings are free for everyone, but individual membership helps support OWASP’s work. | Have you thought about becoming an individual OWASP member? All tools, guidance and local meetings are free for everyone, but individual membership helps support OWASP’s work. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
Latest revision as of 16:31, 21 January 2016
Suit: Wild Card
Card/Value: Joker
Description:
Alice can utilize the application to attack users' systems and data.
Technical Note:
Consider how the application's normal functionality might be used to the disbenefit of another application, of some or all users, of another party, or even of society. This may include:
- Performing denial of service.
- Hosting/distribution of unapproved content (e.g. videos, photos, malware).
- Generating of spam messages.
- Hosting unapproved application code (e.g. as a command and control server, or as a bot).
- Reflecting an attack against another system.
- Attacking another internal system (e.g. databases, internal network).
References:
Have you thought about becoming an individual OWASP member? All tools, guidance and local meetings are free for everyone, but individual membership helps support OWASP’s work.