This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Cornucopia - Ecommerce Website - W Joker A

From OWASP
Jump to: navigation, search
Cornucopia - Ecommerce Website W Joker A.png

Suit: Wild Card

Card/Value: Joker

Description:

Alice can utilize the application to attack users' systems and data.

Technical Note:

Consider how the application's normal functionality might be used to the disbenefit of another application, of some or all users, of another party, or even of society. This may include:

  • Performing denial of service.
  • Hosting/distribution of unapproved content (e.g. videos, photos, malware).
  • Generating of spam messages.
  • Hosting unapproved application code (e.g. as a command and control server, or as a bot).
  • Reflecting an attack against another system.
  • Attacking another internal system (e.g. databases, internal network).

References:

Have you thought about becoming an individual OWASP member? All tools, guidance and local meetings are free for everyone, but individual membership helps support OWASP’s work.



« Previous Card | Wild Card | Next Card »