
| Category | Ref. Number | Section | Test Name | Vulnerability |
|---|---|---|---|---|
| Information Gathering | OWASP-IG-001 | 4.2.1 | Spiders, Robots and Crawlers | N.A. |
| Information Gathering | OWASP-IG-002 | 4.2.2 | Search Engine Discovery/Reconnaissance | N.A. |
| Information Gathering | OWASP-IG-003 | 4.2.3 | Identify application entry points | N.A. |
| Information Gathering | OWASP-IG-004 | 4.2.4 | Testing for Web Application Fingerprint | N.A. |
| Information Gathering | OWASP-IG-005 | 4.2.5 | Application Discovery | N.A. |
| Information Gathering | OWASP-IG-006 | 4.2.6 | Analysis of Error Codes | Information Disclosure |
| Configuration Management Testing | OWASP-CM-001 | 4.3.1 | SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) | SSL Weakness |
| Configuration Management Testing | OWASP-CM-002 | 4.3.2 | DB Listener Testing | DB Listener weak |
| Configuration Management Testing | OWASP-CM-003 | 4.3.3 | Infrastructure Configuration Management Testing | Infrastructure Configuration management weakness |
| Configuration Management Testing | OWASP-CM-004 | 4.3.4 | Application Configuration Management Testing | Application Configuration management weakness |
| Configuration Management Testing | OWASP-CM-005 | 4.3.5 | Testing for File Extensions Handling | File extensions handling |
| Configuration Management Testing | OWASP-CM-006 | 4.3.6 | Old, backup and unreferenced files | Old, backup and unreferenced files |
| Configuration Management Testing | OWASP-CM-007 | 4.3.7 | Infrastructure and Application Admin Interfaces | Access to Admin interfaces |
| Configuration Management Testing | OWASP-CM-008 | 4.3.8 | Testing for HTTP Methods and XST | HTTP Methods enabled, XST permitted, HTTP Verb |
| Authentication Testing | OWASP-AT-001 | 4.4.1 | Credentials transport over an encrypted channel | Credentials transport over an encrypted channel |
| Authentication Testing | OWASP-AT-002 | 4.4.2 | Testing for user enumeration | User enumeration |
| Authentication Testing | OWASP-AT-003 | 4.4.3 | Testing for Guessable (Dictionary) User Account | Guessable user account |
| Authentication Testing | OWASP-AT-004 | 4.4.4 | Brute Force Testing | Credentials Brute forcing |
| Authentication Testing | OWASP-AT-005 | 4.4.5 | Testing for bypassing authentication schema | Bypassing authentication schema |
| Authentication Testing | OWASP-AT-006 | 4.4.6 | Testing for vulnerable remember password and pwd reset | Vulnerable remember password, weak pwd reset |
| Authentication Testing | OWASP-AT-007 | 4.4.7 | Testing for Logout and Browser Cache Management | Logout function not properly implemented, browser cache weakness |
| Authentication Testing | OWASP-AT-008 | 4.4.8 | Testing for CAPTCHA | Weak Captcha implementation |
| Authentication Testing | OWASP-AT-009 | 4.4.9 | Testing Multiple Factors Authentication | Weak Multiple Factors Authentication |
| Authentication Testing | OWASP-AT-010 | 4.4.10 | Testing for Race Conditions | Race Conditions vulnerability |
| Session Management | OWASP-SM-001 | 4.5.1 | Testing for Session Management Schema | Bypassing Session Management Schema, Weak Session Token |
| Session Management | OWASP-SM-002 | 4.5.2 | Testing for Cookies attributes | Cookies are set not HTTP Only, Secure, and no time validity |
| Session Management | OWASP-SM-003 | 4.5.3 | Testing for Session Fixation | Session Fixation |
| Session Management | OWASP-SM-004 | 4.5.4 | Testing for Exposed Session Variables | Exposed sensitive session variables |
| Session Management | OWASP-SM-005 | 4.5.5 | Testing for CSRF | CSRF |
| Authorization Testing | OWASP-AZ-001 | 4.6.1 | Testing for Path Traversal | Path Traversal |
| Authorization Testing | OWASP-AZ-002 | 4.6.2 | Testing for bypassing authorization schema | Bypassing authorization schema |
| Authorization Testing | OWASP-AZ-003 | 4.6.3 | Testing for Privilege Escalation | Privilege Escalation |
| Business logic testing | OWASP-BL-001 | 4.7 | Testing for Business Logic | Bypassable business logic |
| Data Validation Testing | OWASP-DV-001 | 4.8.1 | Testing for Reflected Cross Site Scripting | Reflected XSS |
| Data Validation Testing | OWASP-DV-002 | 4.8.2 | Testing for Stored Cross Site Scripting | Stored XSS |
| Data Validation Testing | OWASP-DV-003 | 4.8.3 | Testing for DOM based Cross Site Scripting | DOM XSS |
| Data Validation Testing | OWASP-DV-004 | 4.8.4 | Testing for Cross Site Flashing | Cross Site Flashing |
| Data Validation Testing | OWASP-DV-005 | 4.8.5 | SQL Injection | SQL Injection |
| Data Validation Testing | OWASP-DV-006 | 4.8.6 | LDAP Injection | LDAP Injection |
| Data Validation Testing | OWASP-DV-007 | 4.8.7 | ORM Injection | ORM Injection |
| Data Validation Testing | OWASP-DV-008 | 4.8.8 | XML Injection | XML Injection |
| Data Validation Testing | OWASP-DV-009 | 4.8.9 | SSI Injection | SSI Injection |
| Data Validation Testing | OWASP-DV-010 | 4.8.10 | XPath Injection | XPath Injection |
| Data Validation Testing | OWASP-DV-011 | 4.8.11 | IMAP/SMTP Injection | IMAP/SMTP Injection |
| Data Validation Testing | OWASP-DV-012 | 4.8.12 | Code Injection | Code Injection |
| Data Validation Testing | OWASP-DV-013 | 4.8.13 | OS Commanding | OS Commanding |
| Data Validation Testing | OWASP-DV-014 | 4.8.14 | Buffer overflow | Buffer overflow |
| Data Validation Testing | OWASP-DV-015 | 4.8.15 | Incubated vulnerability | Incubated vulnerability |
| Data Validation Testing | OWASP-DV-016 | 4.8.16 | Testing for HTTP Splitting/Smuggling | HTTP Splitting, Smuggling |
| Denial of Service Testing | OWASP-DS-001 | 4.9.1 | Testing for SQL Wildcard Attacks | SQL Wildcard vulnerability |
| Denial of Service Testing | OWASP-DS-002 | 4.9.2 | Locking Customer Accounts | Locking Customer Accounts |
| Denial of Service Testing | OWASP-DS-003 | 4.9.3 | Testing for DoS Buffer Overflows | Buffer Overflows |
| Denial of Service Testing | OWASP-DS-004 | 4.9.4 | User Specified Object Allocation | User Specified Object Allocation |
| Denial of Service Testing | OWASP-DS-005 | 4.9.5 | User Input as a Loop Counter | User Input as a Loop Counter |
| Denial of Service Testing | OWASP-DS-006 | 4.9.6 | Writing User Provided Data to Disk | Writing User Provided Data to Disk |
| Denial of Service Testing | OWASP-DS-007 | 4.9.7 | Failure to Release Resources | Failure to Release Resources |
| Denial of Service Testing | OWASP-DS-008 | 4.9.8 | Storing too Much Data in Session | Storing too Much Data in Session |
| Web Services Testing | OWASP-WS-001 | 4.10.1 | WS Information Gathering | N.A. |
| Web Services Testing | OWASP-WS-002 | 4.10.2 | Testing WSDL | WSDL Weakness |
| Web Services Testing | OWASP-WS-003 | 4.10.3 | XML Structural Testing | Weak XML Structure |
| Web Services Testing | OWASP-WS-004 | 4.10.4 | XML content-level Testing | XML content-level WS |
| Web Services Testing | OWASP-WS-005 | 4.10.5 | HTTP GET parameters/REST Testing | HTTP GET parameters/REST WS |
| Web Services Testing | OWASP-WS-006 | 4.10.6 | Naughty SOAP attachments | Naughty SOAP attachments WS |
| Web Services Testing | OWASP-WS-007 | 4.10.7 | Replay Testing | Replay Testing |
| Ajax Testing | OWASP-AJ-001 | 4.11.1 | AJAX Vulnerabilities | N.A. |
| Ajax Testing | OWASP-AJ-002 | 4.11.2 | AJAX Testing | AJAX weakness |

The checklist also carries Finding, Solution and Risk columns for each row; they are left blank in this copy.


Tools (by Ref. Number): only OWASP-IG-001 lists a tool, https://www.google.com/webmasters/tools/home?hl=fr; the Tools column is empty for every other entry from OWASP-IG-002 through OWASP-AJ-002.
