Introduction to web application security testing
- 3. Prepare your mind for security testing
- Think like a hacker :)
- Concentrate on negative testing
- Vulnerabilities = bugs
- 4. Security testing in action - stage 1
Mapping the application
- web spidering
- user directed spidering
- brute force scanning
- 5. Security testing in action - stage 2
Analyze the application
- application functionality
- data entry points
- application technologies
- 6. Security testing in action - stage 3
Test/break the application
Test:
- client-side controls
- authentication mechanism
- session management mechanism
- access controls
- input-based vulnerabilities
.....
- 7. Security testing in action - stage 4
Report the results
1. Executive summary
2. Detailed report
3. Raw output