-

Забезпечення Якості -- Quality Assurance
-

вівторок, 11 жовтня 2011 р.

Web Application Security Testing

.
Web Application Security Testing themes.

1. Vulnerability Analysis

2. Source Code Analysis

3. Penetration Testing

3.1. Pen Test Strategies

3.1.1. Targeted testing

3.1.2. External testing

3.1.3. Internal testing

3.1.4. Blind testing

3.1.5. Double blind testing

3.2. Issues of Input Validation

3.2.1. The Blackbox Testing Technique

3.2.2. SQL Injection Vulnerabilities

3.2.3. Code and Content Injection

3.2.4. Server Side Includes (SSI)

3.2.5. Miscellaneous Injection

3.2.6. Path Traversal and URIs

3.2.7. Cross Site Scripting

3.3. Session Security Issues

3.3.1. Cookies

3.3.2. Session Security and Session-IDs

3.3.3. Logic Flaws

3.3.4. Binary Attacks

4. Fuzz Testing

5. Obfuscation

6. Architectural Risk Analysis