Veja o que pode ser explorado em uma aplicação WEB:
* Client-side validation — Checks may not be replicated on the server
* Database interaction — SQL injection
* File uploading and downloading — Path traversal vulnerabilities, stored cross-site scripting
* Display of user-supplied data — Cross-site scripting
* Dynamic redirects — Redirection and header injection attacks
* Social networking features — username enumeration, stored cross-site scripting
* Login — Username enumeration, weak passwords, ability to use brute force
* Multistage login — Logic flaws
* Session state — Predictable tokens, insecure handling of tokens
* Access controls — Horizontal and vertical privilege escalation
* User impersonation functions — Privilege escalation
* Use of cleartext communications — Session hijacking, capture of credentials and other sensitive data
* Off-site links — Leakage of query string parameters in the Referer header
* Interfaces to external systems — Shortcuts in the handling of sessions and/or access controls
* Error messages — Information leakage
* E-mail interaction — E-mail and/or command injection
* Native code components or interaction — Buffer overflows
* Use of third-party application components — Known vulnerabilities
* Identifiable web server software — Common configuration weaknesses, known software bugs
Bom Proveito.
Nenhum comentário:
Postar um comentário