Please enable JavaScript.
Coggle requires JavaScript to display documents.
Web Application Penetration Testing (Stage 2: Discovery (Authentication…
Web Application Penetration Testing
Stage 1: Planning
Reconnassance
Preparation for testing
Rules of Engagement
Stage 2: Discovery
Authorization Testing
User Enumeration
Multiple Factor Authentications
Privilege Escalation
Authentication Testing
Authentication Bypass
Directory Traversal
Browser Cache
Sensitive Information Leakage
Session Management Testing
Session Token
Cross Site Request Forgery
HTTP Exploitation
Injection Flaws
Cross Site Scripting
Injection Input Validation
Web Service Testing
XML Structure Testing
XML Payload Testing
HTTP Method
Information Disclosure
Application Banners
Debug / Error Message
Configuration Management
Infrastructure and Application Configuration Testing
File Extension Handling
HTTP Method and XST
Stage 3: Verificaiton
Active / Passive Verification
Stage 4: Reporting
Draft Report
Discussion on draft report
Final Report
Presentation
Stage 5: Validation
Patch Implementation Validation