Bài tập lớn.docx

Testing for browser cache weakness otg authn 006

This preview shows page 2 - 4 out of 6 pages.

Testing for Browser cache weakness (OTG-AUTHN-006) Testing for Weak password policy (OTG-AUTHN-007) Testing for Weak security question/answer (OTG-AUTHN-008) Testing for weak password change or reset functionalities (OTG-AUTHN-009) Testing for Weaker authentication in alternative channel (OTG-AUTHN-010) 5. Authorization Testing (79-87) Testing Directory traversal/file include (OTG-AUTHZ-001) Testing for bypassing authorization schema (OTG-AUTHZ-002) Testing for Privilege Escalation (OTG-AUTHZ-003) Testing for Insecure Direct Object References (OTG-AUTHZ-004) 6. Session Management Testing (87-100) Testing for Bypassing Session Management Schema (OTG-SESS-001) Testing for Cookies attributes (OTG-SESS-002) Testing for Session Fixation (OTG-SESS-003) Testing for Exposed Session Variables (OTG-SESS-004) Testing for Cross Site Request Forgery (CSRF) (OTG-SESS-005) Testing for logout functionality (OTG-SESS-006) Test Session Timeout (OTG-SESS-007) Testing for Session puzzling (OTG-SESS-008) 7. Input Validation Testing (100-110) Testing for Reflected Cross Site Scripting (OTG-INPVAL-001) Testing for Stored Cross Site Scripting (OTG-INPVAL-002) Testing for HTTP Verb Tampering (OTG-INPVAL-003) Testing for HTTP Parameter pollution (OTG-INPVAL-004) 8. Input Validation Testing (110-123) Testing for SQL Injection (OTG-INPVAL-005) Oracle Testing MySQL Testing 9. Input Validation Testing (123-133) SQL Server Testing Testing PostgreSQL (from OWASP BSP) MS Access Testing Testing for NoSQL injection 10. Input Validation Testing (133-144) Testing for LDAP Injection (OTG-INPVAL-006) Testing for ORM Injection (OTG-INPVAL-007) Testing for XML Injection (OTG-INPVAL-008)
Image of page 2

Subscribe to view the full document.

Testing for SSI Injection (OTG-INPVAL-009) Testing for XPath Injection (OTG-INPVAL-010) IMAP/SMTP Injection (OTG-INPVAL-011) 11. Input Validation Testing (144-156) Testing for Code Injection (OTG-INPVAL-012) Testing for Local File Inclusion Testing for Remote File Inclusion Testing for Command Injection (OTG-INPVAL-013) Testing for Buffer overflow (OTG-INPVAL-014)
Image of page 3
Image of page 4
  • Fall '19

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern