Attacks and Tests
This table is a condensed list of the types of attacks and tests performed by AppSec Labs during security checks. The list includes all known attacks, so that the document can be produced correctly.
Category | Ref. Number | Test Name | Vulnerability |
---|---|---|---|
Information Gathering | OWASP-IG-001 | Spiders, Robots and Crawlers | N/A |
Information Gathering | OWASP-IG-002 | Search Engine Discovery/Recon | N/A |
Information Gathering | OWASP-IG-003 | Identify application entry points | N/A |
Information Gathering | OWASP-IG-004 | Testing for Web App Fingerprint | N/A |
Information Gathering | OWASP-IG-005 | Application Discovery | N/A |
Information Gathering | OWASP-IG-006 | Analysis of Error Codes | Information disclosure |
Configuration Management Testing | OWASP-CM-001 | SSL/TLS Testing | SSL weakness |
Configuration Management Testing | OWASP-CM-002 | DB Listener Testing | DB listener weakness |
Configuration Management Testing | OWASP-CM-003 | Infrastructure Configuration Management Testing | Infrastructure configuration management weakness |
Configuration Management Testing | OWASP-CM-004 | Application Configuration Management Testing | Application configuration management weakness |
Configuration Management Testing | OWASP-CM-005 | Testing for File Extensions Handling | File extensions handling |
Configuration Management Testing | OWASP-CM-006 | Old, backup and unreferenced files | Old, backup and unreferenced files |
Configuration Management Testing | OWASP-CM-007 | Infrastructure and Application Admin Interfaces | Access to Admin interfaces |
Configuration Management Testing | OWASP-CM-008 | Testing for HTTP Methods and XST | HTTP Methods enabled, XST permitted, HTTP Verb |
Authentication Testing | OWASP-AT-001 | Credentials transport over an encrypted channel | Credentials transport over an encrypted channel |
Authentication Testing | OWASP-AT-002 | Testing for user enumeration | User enumeration |
Authentication Testing | OWASP-AT-003 | Testing for Guessable (Dictionary) User Account | Guessable user account |
Authentication Testing | OWASP-AT-004 | Brute Force Testing | Credentials Brute forcing |
Authentication Testing | OWASP-AT-005 | Testing for bypassing authentication schema | Bypassing authentication schema |
Authentication Testing | OWASP-AT-006 | Testing for vulnerable remember password and pwd reset | Vulnerable remember password, weak pwd reset |
Authentication Testing | OWASP-AT-007 | Testing for Logout and Browser Cache Management | Logout function not properly implemented, browser cache weakness |
Authentication Testing | OWASP-AT-008 | Testing for CAPTCHA | Weak Captcha implementation |
Authentication Testing | OWASP-AT-009 | Testing Multiple Factors Authentication | Weak Multiple Factors Authentication |
Authentication Testing | OWASP-AT-010 | Testing for Race Conditions | Race Conditions vulnerability |
Session Management | OWASP-SM-001 | Testing for Session Management Schema | Bypassing Session Management Schema, Weak Session Token |
Session Management | OWASP-SM-002 | Testing for Cookies attributes | Cookies are set not ‘HTTP Only’, ‘Secure’, and no time validity |
Session Management | OWASP-SM-003 | Testing for Session Fixation | Session Fixation |
Session Management | OWASP-SM-004 | Testing for Exposed Session Variables | Exposed sensitive session variables |
Session Management | OWASP-SM-005 | Testing for CSRF | CSRF |
Authorization Testing | OWASP-AZ-001 | Testing for Path Traversal | Path Traversal |
Authorization Testing | OWASP-AZ-002 | Testing for bypassing authorization schema | Bypassing authorization schema |
Authorization Testing | OWASP-AZ-003 | Testing for Privilege Escalation | Privilege Escalation |
Business Logic Testing | OWASP-BL-001 | Testing for business logic | Bypassable business logic |
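Data Validation Testing | OWASP-DV-001 | Testing for Reflected Cross Site Scripting | Reflected XSS |
Data Validation Testing | OWASP-DV-002 | Testing for Stored Cross Site Scripting | Stored XSS |
Data Validation Testing | OWASP-DV-003 | Testing for DOM based Cross Site Scripting | DOM XSS |
Data Validation Testing | OWASP-DV-004 | Testing for Cross Site Flashing | Cross Site Flashing |
Data Validation Testing | OWASP-DV-005 | SQL Injection | SQL Injection |
Data Validation Testing | OWASP-DV-006 | LDAP Injection | LDAP Injection |
Data Validation Testing | OWASP-DV-007 | ORM Injection | ORM Injection |
Data Validation Testing | OWASP-DV-008 | XML Injection | XML Injection |
Data Validation Testing | OWASP-DV-009 | SSI Injection | SSI Injection |
Data Validation Testing | OWASP-DV-010 | XPath Injection | XPath Injection |
Data Validation Testing | OWASP-DV-011 | IMAP/SMTP Injection | IMAP/SMTP Injection |
Data Validation Testing | OWASP-DV-012 | Code Injection | Code Injection |
Data Validation Testing | OWASP-DV-013 | OS Commanding | OS Commanding |
Data Validation Testing | OWASP-DV-014 | Buffer overflow | Buffer overflow |
Data Validation Testing | OWASP-DV-015 | Incubated vulnerability Testing | Incubated vulnerability |
Data Validation Testing | OWASP-DV-016 | Testing for HTTP Splitting/Smuggling | HTTP Splitting, Smuggling |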
Denial of Service Testing | OWASP-DS-001 | Testing for SQL Wildcard Attacks | SQL Wildcard vulnerability |
Denial of Service Testing | OWASP-DS-002 | Locking Customer Accounts | Locking Customer Accounts |
Denial of Service Testing | OWASP-DS-003 | Testing for DoS Buffer Overflows | Buffer Overflows |
Denial of Service Testing | OWASP-DS-004 | User Specified Object Allocation | User Specified Object Allocation |
Denial of Service Testing | OWASP-DS-005 | User Input as a Loop Counter | User Input as a Loop Counter |
Denial of Service Testing | OWASP-DS-006 | Writing User Provided Data to Disk | Writing User Provided Data to Disk |
Denial of Service Testing | OWASP-DS-007 | Failure to Release Resources | Failure to Release Resources |
Denial of Service Testing | OWASP-DS-008 | Storing too Much Data in Session | Storing too Much Data in Session |
Web Services Testing | OWASP-WS-001 | WS Information Gathering | N/A |
Web Services Testing | OWASP-WS-002 | Testing WSDL | WSDL Weakness |
Web Services Testing | OWASP-WS-003 | XML Structural Testing | Weak XML Structure |
Web Services Testing | OWASP-WS-004 | XML content-level Testing | XML content-level |
Web Services Testing | OWASP-WS-005 | HTTP GET parameters/REST Testing | WS HTTP GET parameters/REST |
Web Services Testing | OWASP-WS-006 | Naughty SOAP attachments | WS Naughty SOAP attachments |
Web Services Testing | OWASP-WS-007 | Replay Testing | WS Replay Testing |
Ajax Testing | OWASP-AJ-001 | AJAX Vulnerabilities | N/A |
Ajax Testing | OWASP-AJ-002 | AJAX Testing | AJAX weakness |