WebApp - Coggle Diagram
WebApp
Broken Authentication
Use of Hard-coded Credentials
Test Upload of Malicious Files
Missing Authorisation
Incorrect Authorisation
Reliance on Untrusted Inputs in a Security Decision
Brute Force
48 Hours
Security Misconfiguration
Execution with Unnecessary Privileges
Use of Potentially Dangerous Function
Incorrect Permission Assignment for Critical Resource
Default Login
48 Hours
Privilege Escalation
HTTPS Header Missing
Recon
Wayback Machine
Subdomain
DirBuster
Nikto
Nmap
BuiltWith, Wappalyzer
Injection
SQL Injection
OS Command Injection
Code Injection
XML Injection
Code Injection
48 Hours
Sensitive Data Exposure
Cleartext Transmission of Sensitive Information
Exposure of Private Personal Information to an Unauthorised Actor
Missing Encryption of Sensitive Data
Sensitive Information in Source Code
Insertion of Sensitive Information into Log File
32 Hours
WebApp Testing Tool:
OWASP ZAP
Burp Suite
WPScan
Nikto
Nessus
Enumeration
S3 Bucket Enumeration
Directory Traversal
Role Enumeration
URL Enumeration
40 Hours
Cross Site Scripting XSS
DOM Based Cross Site Scripting Vulnerability
Stored Cross Site Scripting Vulnerability
Reflected Cross Site Scripting Vulnerability
Certin
Mobile App
Mobile App Testing Tool
MobSF
Burp Suite
Frida
ZAP
Cross Site Scripting XSS
Stored Cross Site Scripting Vulnerability
Reflected Cross Site Scripting Vulnerability
Reverse Engineering
Apktool
dex2jar
File Upload
SQL
Standards
SANS 25
OWASP Top 10
API Endpoint Test
Recon
Install And Setup
Find Android Version Bug
Root Access
Security Misconfiguration
Execution with Unnecessary Privileges
Use of Potentially Dangerous Function
Incorrect Permission Assignment for Critical Resource
Default Login
48 Hours
Privilege Escalation
HTTPS Header Missing
Sensitive Data Exposure
Cleartext Transmission of Sensitive Information
Exposure of Private Personal Information to an Unauthorised Actor
Missing Encryption of Sensitive Data
Sensitive Information in Source Code
Insertion of Sensitive Information into Log File
32 Hours
Broken Authentication
Use of Hard-coded Credentials
Test Upload of Malicious Files
Missing Authorisation
Incorrect Authorisation
Reliance on Untrusted Inputs in a Security Decision
Brute Force
48 Hours
Broken Authentication And Session Management
Cross-Site Request Forgery
Insufficient Transport Layer Protection
API Endpoint Test