classification
exclusivePenetration testing guidance document contains attacks
1. Attack scenario
File inclusion attack
described
The file contains vulnerabilities that are "code notes...
Free exclusiveBlack Box Penetration Testing Guide Cross-site Forging Request CSRF
CSRF ( Cross Site Request Forgery) is a Web application attacker...
Free exclusiveForwarding and redirecting black box penetration testing guidance
forward(forward)
It is a jump on the server side, where a request is sent from the client to the service...
Free exclusiveDownload penetration testing guidance
attack scenarios
Download without defense
Description:
Many application systems or components provide...
Free exclusiveBlack box penetration testing guidance passed down
I. attack scenarios
Upload webshell directly
Describe many application systems...
Free exclusiveBlack Box Penetration Testing Guide: XML Injection
I. attack scenarios
Send XML requests directly
described
Many application systems or components require...
Free exclusiveBlack Box Penetration Testing Guide: SQL Injection
Test using automated scanning tools
Tools:AppScan,WebInspect,AWVS, etc.
Test method: Use automatic...
Free