List of attacks and tests performed during penetration testing

This table is a condensed list of the types of attacks and tests performed during security checks. The list includes all known attacks so that the document can be produced correctly.

| Category | Ref. Number | Test Name | Vulnerability |
| --- | --- | --- | --- |
| Information Gathering | OWASP-IG-001 | Spiders, Robots and Crawlers | N.A. |
| Information Gathering | OWASP-IG-002 | Search Engine Discovery/Reconnaissance | N.A. |
| Information Gathering | OWASP-IG-003 | Identify application entry points | N.A. |
| Information Gathering | OWASP-IG-004 | Testing for Web Application Fingerprint | N.A. |
| Information Gathering | OWASP-IG-005 | Application Discovery | N.A. |
| Information Gathering | OWASP-IG-006 | Analysis of Error Codes | Information Disclosure |
| Configuration Management Testing | OWASP-CM-001 | SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) | SSL Weakness |
| Configuration Management Testing | OWASP-CM-002 | DB Listener Testing | DB Listener weak |
| Configuration Management Testing | OWASP-CM-003 | Infrastructure Configuration Management Testing | Infrastructure Configuration management weakness |
| Configuration Management Testing | OWASP-CM-004 | Application Configuration Management Testing | Application Configuration management weakness |
| Configuration Management Testing | OWASP-CM-005 | Testing for File Extensions Handling | File extensions handling |
| Configuration Management Testing | OWASP-CM-006 | Old, backup and unreferenced files | Old, backup and unreferenced files |
| Configuration Management Testing | OWASP-CM-007 | Infrastructure and Application Admin Interfaces | Access to Admin interfaces |
| Configuration Management Testing | OWASP-CM-008 | Testing for HTTP Methods and XST | HTTP Methods enabled, XST permitted, HTTP Verb |
| Authentication Testing | OWASP-AT-001 | Credentials transport over an encrypted channel | Credentials transport over an encrypted channel |
| Authentication Testing | OWASP-AT-002 | Testing for user enumeration | User enumeration |
| Authentication Testing | OWASP-AT-003 | Testing for Guessable (Dictionary) User Account | Guessable user account |
| Authentication Testing | OWASP-AT-004 | Brute Force Testing | Credentials Brute forcing |
| Authentication Testing | OWASP-AT-005 | Testing for bypassing authentication schema | Bypassing authentication schema |
| Authentication Testing | OWASP-AT-006 | Testing for vulnerable remember password and pwd reset | Vulnerable remember password, weak pwd reset |
| Authentication Testing | OWASP-AT-007 | Testing for Logout and Browser Cache Management | Logout function not properly implemented, browser cache weakness |
| Authentication Testing | OWASP-AT-008 | Testing for CAPTCHA | Weak Captcha implementation |
| Authentication Testing | OWASP-AT-009 | Testing Multiple Factors Authentication | Weak Multiple Factors Authentication |
| Authentication Testing | OWASP-AT-010 | Testing for Race Conditions | Race Conditions vulnerability |
| Session Management | OWASP-SM-001 | Testing for Session Management Schema | Bypassing Session Management Schema, Weak Session Token |
| Session Management | OWASP-SM-002 | Testing for Cookies attributes | Cookies are not set 'HTTP Only', 'Secure', and no time validity |
| Session Management | OWASP-SM-003 | Testing for Session Fixation | Session Fixation |
| Session Management | OWASP-SM-004 | Testing for Exposed Session Variables | Exposed sensitive session variables |
| Session Management | OWASP-SM-005 | Testing for CSRF | CSRF |
| Authorization Testing | OWASP-AZ-001 | Testing for Path Traversal | Path Traversal |
| Authorization Testing | OWASP-AZ-002 | Testing for bypassing authorization schema | Bypassing authorization schema |
| Authorization Testing | OWASP-AZ-003 | Testing for Privilege Escalation | Privilege Escalation |
| Business Logic Testing | OWASP-BL-001 | Testing for business logic | Bypassable business logic |
| Data Validation Testing | OWASP-DV-001 | Testing for Reflected Cross Site Scripting | Reflected XSS |
| Data Validation Testing | OWASP-DV-002 | Testing for Stored Cross Site Scripting | Stored XSS |
| Data Validation Testing | OWASP-DV-003 | Testing for DOM based Cross Site Scripting | DOM XSS |
| Data Validation Testing | OWASP-DV-004 | Testing for Cross Site Flashing | Cross Site Flashing |
| Data Validation Testing | OWASP-DV-005 | SQL Injection | SQL Injection |
| Data Validation Testing | OWASP-DV-006 | LDAP Injection | LDAP Injection |
| Data Validation Testing | OWASP-DV-007 | ORM Injection | ORM Injection |
| Data Validation Testing | OWASP-DV-008 | XML Injection | XML Injection |
| Data Validation Testing | OWASP-DV-009 | SSI Injection | SSI Injection |
| Data Validation Testing | OWASP-DV-010 | XPath Injection | XPath Injection |
| Data Validation Testing | OWASP-DV-011 | IMAP/SMTP Injection | IMAP/SMTP Injection |
| Data Validation Testing | OWASP-DV-012 | Code Injection | Code Injection |
| Data Validation Testing | OWASP-DV-013 | OS Commanding | OS Commanding |
| Data Validation Testing | OWASP-DV-014 | Buffer overflow | Buffer overflow |
| Data Validation Testing | OWASP-DV-015 | Incubated vulnerability Testing | Incubated vulnerability |
| Data Validation Testing | OWASP-DV-016 | Testing for HTTP Splitting/Smuggling | HTTP Splitting, Smuggling |
| Denial of Service Testing | OWASP-DS-001 | Testing for SQL Wildcard Attacks | SQL Wildcard vulnerability |
| Denial of Service Testing | OWASP-DS-002 | Locking Customer Accounts | Locking Customer Accounts |
| Denial of Service Testing | OWASP-DS-003 | Testing for DoS Buffer Overflows | Buffer Overflows |
| Denial of Service Testing | OWASP-DS-004 | User Specified Object Allocation | User Specified Object Allocation |
| Denial of Service Testing | OWASP-DS-005 | User Input as a Loop Counter | User Input as a Loop Counter |
| Denial of Service Testing | OWASP-DS-006 | Writing User Provided Data to Disk | Writing User Provided Data to Disk |
| Denial of Service Testing | OWASP-DS-007 | Failure to Release Resources | Failure to Release Resources |
| Denial of Service Testing | OWASP-DS-008 | Storing too Much Data in Session | Storing too Much Data in Session |
| Web Services Testing | OWASP-WS-001 | WS Information Gathering | N.A. |
| Web Services Testing | OWASP-WS-002 | Testing WSDL | WSDL Weakness |
| Web Services Testing | OWASP-WS-003 | XML Structural Testing | Weak XML Structure |
| Web Services Testing | OWASP-WS-004 | XML content-level Testing | XML content-level |
| Web Services Testing | OWASP-WS-005 | HTTP GET parameters/REST Testing | WS HTTP GET parameters/REST |
| Web Services Testing | OWASP-WS-006 | Naughty SOAP attachments | WS Naughty SOAP attachments |
| Web Services Testing | OWASP-WS-007 | Replay Testing | WS Replay Testing |
| AJAX Testing | OWASP-AJ-001 | AJAX Vulnerabilities | N.A. |
| AJAX Testing | OWASP-AJ-002 | AJAX Testing | AJAX weakness |

Source: https://appsec-labs.com/list-attacks-and-tests-performed-during-penetration-testing