List of attacks and tests performed during penetration testing
List of attacks and tests performed during penetration testing
This table is concentrated list of types of attacks and tests performed during security checks. This list includes all known attacks for the production of the document correctly.
Category | Ref. Number | Test Name | Vulnerability |
---|---|---|---|
Information Gathering | OWASP-IG-001 | Spiders, Robots and Crawlers - | N.A. |
OWASP-IG-002 | Search Engine Discovery/Reconnaissance | N.A. | |
OWASP-IG-003 | Identify application entry points | N.A. | |
OWASP-IG-004 | Testing for Web Application Fingerprint | N.A. | |
OWASP-IG-005 | Application Discovery | N.A. | |
OWASP-IG-006 | Analysis of Error Codes | Information Disclosure | |
Configuration Management Testing | OWASP-CM-001 | SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) | SSL Weakness |
OWASP-CM-002 | DB Listener Testing | DB Listener weak | |
OWASP-CM-003 | Infrastructure Configuration Management Testing | Infrastructure Configuration management weakness | |
OWASP-CM-004 | Application Configuration Management Testing | Application Configuration management weakness | |
OWASP-CM-005 | Testing for File Extensions Handling | File extensions handling | |
OWASP-CM-006 | Old, backup and unreferenced files | Old, backup and unreferenced files | |
OWASP-CM-007 | Infrastructure and Application Admin Interfaces | Access to Admin interfaces | |
OWASP-CM-008 | Testing for HTTP Methods and XST | HTTP Methods enabled, XST permitted, HTTP Verb | |
Authentication Testing | OWASP-AT-001 | Credentials transport over an encrypted channel | Credentials transport over an encrypted channel |
OWASP-AT-002 | Testing for user enumeration | User enumeration | |
OWASP-AT-003 | Testing for Guessable (Dictionary) User Account | Guessable user account | |
OWASP-AT-004 | Brute Force Testing | Credentials Brute forcing | |
OWASP-AT-005 | Testing for bypassing authentication schema | Bypassing authentication schema | |
OWASP-AT-006 | Testing for vulnerable remember password and pwd reset | Vulnerable remember password, weak pwd reset | |
OWASP-AT-007 | Testing for Logout and Browser Cache Management | Logout function not properly implemented, browser cache weakness | |
OWASP-AT-008 | Testing for CAPTCHA | Weak Captcha implementation | |
OWASP-AT-009 | Testing Multiple Factors Authentication | Weak Multiple Factors Authentication | |
OWASP-AT-010 | Testing for Race Conditions | Race Conditions vulnerability | |
Session Management | OWASP-SM-001 | Testing for Session Management Schema | Bypassing Session Management Schema, Weak Session Token |
OWASP-SM-002 | Testing for Cookies attributes | Cookies are set not ‘HTTP Only’, ‘Secure’, and no time validity | |
OWASP-SM-003 | Testing for Session Fixation | Session Fixation | |
OWASP-SM-004 | Testing for Exposed Session Variables | Exposed sensitive session variables | |
OWASP-SM-005 | Testing for CSRF | CSRF | |
Authorization Testing | OWASP-AZ-001 | Testing for Path Traversal | Path Traversal |
OWASP-AZ-002 | Testing for bypassing authorization schema | Bypassing authorization schema | |
OWASP-AZ-003 | Testing for Privilege Escalation | Privilege Escalation | |
Business Logic Testing | OWASP-BL-001 | Testing for business logic | Bypassable business logic |
Data Validation Testing | OWASP-DV-001 | Testing for Reflected Cross Site Scripting | Reflected XSS |
OWASP-DV-002 | Testing for Stored Cross Site Scripting | Stored XSS | |
OWASP-DV-003 | Testing for DOM based Cross Site Scripting | DOM XSS | |
OWASP-DV-004 | Testing for Cross Site Flashing | Cross Site Flashing | |
OWASP-DV-005 | SQL Injection | SQL Injection | |
OWASP-DV-006 | LDAP Injection | LDAP Injection | |
OWASP-DV-007 | ORM Injection | ORM Injection | |
OWASP-DV-008 | XML Injection | XML Injection | |
OWASP-DV-009 | SSI Injection | SSI Injection | |
OWASP-DV-010 | XPath Injection | XPath Injection | |
OWASP-DV-011 | IMAP/SMTP Injection | IMAP/SMTP Injection | |
OWASP-DV-012 | Code Injection | Code Injection | |
OWASP-DV-013 | OS Commanding | OS Commanding | |
OWASP-DV-014 | Buffer overflow | Buffer overflow | |
OWASP-DV-015 | Incubated vulnerability Testing | Incubated vulnerability | |
OWASP-DV-016 | Testing for HTTP Splitting/Smuggling | HTTP Splitting, Smuggling | |
Denial of Service Testing | OWASP-DS-001 | Testing for SQL Wildcard Attacks | SQL Wildcard vulnerability |
OWASP-DS-002 | Locking Customer Accounts | Locking Customer Accounts | |
OWASP-DS-003 | Testing for DoS Buffer Overflows | Buffer Overflows | |
OWASP-DS-004 | User Specified Object Allocation | User Specified Object Allocation | |
OWASP-DS-005 | User Input as a Loop Counter | User Input as a Loop Counter | |
OWASP-DS-006 | Writing User Provided Data to Disk | Writing User Provided Data to Disk | |
OWASP-DS-007 | Failure to Release Resources | Failure to Release Resources | |
OWASP-DS-008 | Storing too Much Data in Session | Storing too Much Data in Session | |
Web Services Testing | OWASP-WS-001 | WS Information Gathering | N.A. |
OWASP-WS-002 | Testing WSDL | WSDL Weakness | |
OWASP-WS-003 | XML Structural Testing | Weak XML Structure | |
OWASP-WS-004 | XML content-level Testing | XML content-level | |
OWASP-WS-005 | HTTP GET parameters/REST Testing | WS HTTP GET parameters/REST | |
OWASP-WS-006 | Naughty SOAP attachments | WS Naughty SOAP attachments | |
OWASP-WS-007 | Replay Testing | WS Replay Testing | |
AJAX Testing | OWASP-AJ-001 | AJAX Vulnerabilities | N.A |
OWASP-AJ-002 | AJAX Testing | AJAX weakness |