|
|
(48 intermediate revisions by 10 users not shown) |
Line 1: |
Line 1: |
− | Please refer to [[OWASP_Testing_Guide_v2_Table_of_Contents]] for updated information about the progress status of each article.
| + | {{Template:OWASP Testing Guide v4}} |
| | | |
− | == Web Application Penetration Testing ==
| + | The following sections describe the 12 subcategories of the Web Application Penetration Testing Methodology: |
| | | |
− | 4.1 [[Introduction and objectives Testing AoC|Introduction and objectives]] (0%, TD) <br>
| + | [[Testing: Introduction and objectives|'''4.1 Introduction and Objectives''']] |
− | 4.2 [[Information Gathering Testing AoC|Information Gathering (spider, google)]] (0%, TD)<br>
| |
− | 4.3 [[Business logic testing AoC|Business logic testing]] (50%, TD)<br> | |
| | | |
− | 4.4 [[Authentication Testing Aoc|Authentication Testing]] (50%, TD) <br>
| + | [[Testing Information Gathering|'''4.2 Information Gathering ''']] |
− | 4.4.1 Default or guessable (dictionary) user account 90% TD<br>
| |
− | 4.4.2 Brute Force 0% TD<br>
| |
− | 4.4.3 Bypassing authentication schema 0% TD<br>
| |
− | 4.4.4 Vulnerable remember password and pwd reset 90% TD<br>
| |
− | 4.4.5 Logout and account expiry 0% TD<br>
| |
| | | |
− | 4.5 [[Session Management Testing AoC|Session Management Testing]] (0%, TD) <br>
| + | [[Testing for configuration management|'''4.3 Configuration and Deployment Management Testing ''']] |
− | 4.5.1 Cookie and Session token Manipulation(reg, forg/brute force) 100% Review<br>
| |
− | 4.5.2 Weak session tokens 70% TD<br>
| |
− | 4.5.3 Session Riding 100% Review<br>
| |
− | 4.5.4 Exposed session variables 0% TD<br>
| |
− | 4.5.5 HTTP Exploit 0% TD<br>
| |
| | | |
− | 4.6 [[Data Validation Testing AoC|Data Validation Testing]] (0%, TD) <br>
| + | [[Testing Identity Management|'''4.4 Identity Management Testing''']] |
− | 4.6.1 Cross site scripting 0% TD<br>
| |
− | 4.6.1.1 Incubated attacks 0% TD<br>
| |
− | 4.6.1.2 Phishing (using javascript) 0% TD<br>
| |
− | 4.6.1.3 HTTP Methods + XSS (TRACE) 0% TD<br>
| |
− | 4.6.2 SQL Injection 0% TD<br>
| |
− | 4.6.2.1 Oracle, mySQL, SQL Server, TeraData 0% TD<br>
| |
− | 4.6.2.2 Extended stored procedures 0% TD<br>
| |
− | 4.6.2.3 Stored procedure injection 0% TD<br>
| |
− | 4.6.2.4 Oracle +SQLServer ports and attacks 0% TD<br> | |
− | 4.6.2.5 Listener attacks etc. 1521 1433 1527 0% TD<br>
| |
− | 4.6.3 Command Execution 0%, TD <br>
| |
− | Orm injection 0% TD,
| |
− | ORM Injection,
| |
− | LDAP Injection,
| |
− | XML Injection,
| |
− | SSI Injection,
| |
− | XPath Injection,
| |
− | SQL Injection,
| |
− | IMAP/SMTP Injection,
| |
− | Code Injection,
| |
− | OS Commanding<br>
| |
− | 4.6.4 Buffer overflow Testing 100% Review<br>
| |
− | 4.6.4.1 Heap overflow 100% Review<br>
| |
− | 4.6.4.2 Stack overflow 100% Review<br>
| |
− | 4.6.4.3 Format string 100% Review<br>
| |
| | | |
− | 4.7 [[Denial of Service Testing AoC|Denial of Service Testing]] (95%, Review)<br>
| + | [[Testing for authentication|'''4.5 Authentication Testing ''']] |
− | 4.7.1 Locking Customer Accounts 100% Review<br>
| |
− | 4.7.2 Buffer Overflows 100% Review<br>
| |
− | 4.7.3 User Specified Object Allocation 100% Review<br>
| |
− | 4.7.4 User Input as a Loop Counter 100% Review<br>
| |
− | 4.7.5 Writing User Provided Data to Disk 100% Review<br>
| |
− | 4.7.6 Failure to Release Resources 100% Review<br>
| |
− | 4.7.7 Storing too Much Data in Session 90% Review<br>
| |
| | | |
− | 4.8 [[Infrastructure and configuration Testing AoC|Infrastructure and configuration Testing]] (0%, TD)<br>
| + | [[Testing for Authorization|'''4.6 Authorization Testing''']] |
− | 4.8.1 Infrastructure configuration management testing 100% TD<br>
| |
− | 4.8.2 Application configuration management testing 100% TD<br>
| |
− | 4.8.3 Old, backup and unreferenced files 100% TD<br>
| |
− | 4.8.4 File extensions handling 90% TD<br>
| |
− | 4.8.5 Analisys of error code 50% TD<br>
| |
− | 4.8.6 SSL/TLS Testing: support of weak ciphers and cert validity 100% TD<br> | |
− | 4.8.7 Testing defense from Automatic attacks (maybe a duplicate) 10% TD<br>
| |
| | | |
− | 4.9 [[Web Services Testing AoC|Web Services Testing]] (0%, TD)<br>
| + | [[Testing for Session Management|'''4.7 Session Management Testing''']] |
− | 4.9.1 XML Structural Attacks 0% TD<br>
| |
− | 4.9.2 XML content-level attacks 0% TD<br>
| |
− | 4.9.3 HTTP GET parameters/REST attacks 0% TD<br>
| |
− | 4.9.4 Naughty SOAP attachments 0% TD<br>
| |
− | 4.9.5 Brute force attacks 0% TD<br>
| |
| | | |
− | 4.10 [[AJAX Testing AoC|AJAX Testing]] (0%, TD)<br>
| + | [[Testing for Input Validation|'''4.8 Input Validation Testing''']] |
− | 4.10.1 Vulnerabilities 0% TD<br>
| |
− | 4.10.2 How to test 0% TD<br>
| |
| | | |
| + | [[Error Handling|'''4.9 Error Handling''']] |
| | | |
− | [[OWASP_Testing_Guide_v2_Table_of_Contents]] | + | [[Cryptography|'''4.10 Cryptography''']] |
| + | |
| + | [[Testing for business logic|'''4.11 Business Logic Testing ''']] |
| + | |
| + | [[Client Side Testing|'''4.12 Client Side Testing''']] |
The following sections describe the 12 subcategories of the Web Application Penetration Testing Methodology: