Web Hacking: Become a Pentester - Lecture 49: Assessment Checklist

Published: 21 December 2017
on channel: ÆTHER SECURITY LAB

In this video I show you the assessment checklist I use for web application assessments.

This is a preview lecture from my online web hacking training called Web Hacking: Become a Pentester.

Check out the full course: http://aetherlab.net/y/ho
Website: http://aetherlab.net
Blog: / gergely.revay
Trainings:
Web Hacking: Become a Web Pentester - https://hackademy.aetherlab.net/p/web...
Learn Burp Suite, the Nr. 1 Web Hacking Tool - https://hackademy.aetherlab.net/p/bur...
Reverse Engineering with Radare2 - https://hackademy.aetherlab.net/p/rad...


Transcript:

Information Gathering:
Manual application discovery
Automated discovery
Harvesting public information

Session management:
Session fixation
Weak session token quality
Weak session token management
Weak logout
Cross-site request forgery
Weak CORS
Session token protection
No session timeout
Session encryption (SSL/TLS)

Authentication:
Password strength enforcement
Authentication bypass
Unauthenticated URL access
Password brute force
Default account

Authorization:
Insecure authorization design
Client-side-only authorization
Variable manipulation
Direct access to resources

Client-side attacks:
Reflected XSS
Stored XSS
DOM-based XSS
Wrong content-type
HTTP header injection
Malicious URL redirect
Clickjacking

Server-side attacks:
LFI
RFI
XML External Entity injection
OS command injection
SQL injection
Malicious file upload

Business logic attacks:
Malware upload
Enabling debug mode
User lockout
Weak process design

Information Disclosure:
Backup files
Leaking stack traces
Comments
Path disclosure
Directory listing
Credentials sent to the browser