Ethical Hacking and Manual Penetration Testing : Web & Mobile

I have created a plan that includes all of the vulnerabilities below to be tested.

Input Validation Flaws
1. XSS (Cross Site Scripting)
2. Buffer Overflow
3. Integer Overflow
4. HTML injection / IFrame injection
5. XPath injection
6. CRLF Injection/ HTTP response splitting
7. OS Commanding / Command Injection
8. Format String attack
9. SSI injection
10. Null Byte injection
11. Directory traversal / Path Traversal
12. SQL Injection

Session/Cookie Related Vulnerabilities
1. Session/Cookie Hijacking
2. Session Fixation
3. Ineffective Session Expiration
4. Session Timeout

Authentication Flaws
1. Brute Force Log In
2. Insufficient/ Weak authentication
3. Weak Password
4. Basic Authentication over HTTP
5. Username and Password in URL

Access Control Flaws
1. Privilege Elevation/insufficient authorization/Anonymous Access
2. Insecure Direct Object Reference
3. Failure to Restrict URL Access
4. Review of File Permission

Other Vulnerabilities
1. Cross Site Request Forgery (CSRF)
2. Information Leakage and Improper Error Handling
3. Monitor Security Defects in Shared (3rd Party) Components

Web Server / Configuration Vulnerabilities
1. HTTP Verb Tampering
2. HTTP Parameter Pollution
3. Directory Indexing
4. Cross Site Tracing
5. Insecure Configuration (Application/server misconfiguration)

1. URL redirection/Open redirects.
2. Cross frame Scripting(Pages which can be injected into frames of phishing
3. Click Jacking Frame injection/IFrame Injection

Denial of Service
1. Denial of Service (DoS)

Cryptographic vulnerabilities
1. Insecure Transmission/Insufficient Transport layer Security
2. Insecure Cryptographic Storage

Information Leakage and Improper Error Handling
1. Sensitive HTML & JavaScript comments
2. Disclosure of Versions of Web server/ back end Technologies
3. Application Path Disclosure
4. Sensitive Data In Hidden Field
5. Logging of Sign-in Credentials in Plain text or weakly encoded

Abuse of Functionality/Design Logic Flaws
1. Insufficient Process validation

1. Port scanning
2. Run Security Scanners

