Web Application Vulnerability Assessment Checklist v1

Uploaded by moksh.grover22
Web Application Assessment Dashboard

[Chart: "Status", COUNT of findings by Vuln Status (New / (empty)); the underlying figures are the table below]

Vuln Status    Observation    Count of Finding    Count of Observation
New                           4                   4
               Checked        4                   4
(empty)                       56
               Checked        47
               Not Checked    9
Total Result                  60                  4
S.No Vulnerabilities Severity Vuln Status Observation Auditor Finding Comments
1 SQL injection High Not Checked Yes
2 broken authentication and session management High Not Checked Yes
3 IDOR High Not Checked Yes
4 XXE High Not Checked Yes
5 Sensitive data Exposure High Not Checked Yes
6 Credentials over unencrypted channel High Not Checked Yes
7 CSRF High Not Checked Yes
8 file upload High Not Checked Yes
9 formula injection High Not Checked Yes
10 LFI High Checked No
11 RFI High Checked No
12 SSRF High Checked No
13 Second order sql injection High Checked No
14 privilege escalation(horizontal/vertical) High Checked No
15 Insecure Deserialization High Checked No
16 Insufficient logging and monitoring High Checked Yes
17 HTML injection(Reflected) High Checked Yes
18 HTML injection(Stored) High Checked Yes
19 Iframe injection(Cross frame scripting) High Checked Yes
20 Command injection High Checked Yes
21 Xpath injection High Checked Yes
22 LDAP injection High Checked No
23 default or weak password in database(like phpmyadmin) High Checked No
24 Database connection string disclosure High Checked No
25 Authentication Bypass using SQL High Checked No
26 Reflected xss High Checked No
27 Stored xss High Checked No

28 Direct URL access to sensitive XML File New Checked
29 Broken Authentication via Response Manipulation OR Unauthorized access of the application (without credentials) New Checked
30 New Checked
31 Application using known vulnerability Medium Checked No
32 Path traversal Medium Checked No
33 Directory Listing Medium Checked No
34 Clickjacking Medium Checked No
35 default credentials Medium Checked No
36 Brute force attack Medium Checked No
37 Sensitive data in get request Medium Checked No
38 unvalidated redirects and forwards Medium Checked No
39 Security misconfiguration Medium Checked No
40 Cross site tracing Medium Checked No
41 Insufficient Session Expiration Medium Checked No
42 Internal path disclosure/Full Path Disclosure Medium Checked No
43 sql query disclosure Medium Checked No
44 Full Path Disclosure Medium Checked No
45 Lack of Rate Limiting Medium New Checked
46 Missing HTTP headers Low Checked No
47 Autocomplete feature is On Low Checked No
48 Change password without old password Low Checked No
49 HTTP errors Low Checked No
50 No account lockout policy Low Checked No
51 Remember password Low Checked No
52 Weak password policy Low Checked No
53 Weak crossdomain.xml Low Checked No
54 No input validation Low Checked No
55 Host Header injection Low Checked No
56 Cookie without HttpOnly flag Low Checked No
57 Content type is not specified Low Checked No
58 Cookie without Secure flag Low Checked No
59 Concurrent user login Low Checked No
60 Banner Grabbing Low Checked No
61 Captcha not Implemented Low Checked No
63 Reset password token and key leakage via referer header Low New Checked No
64 Debug mode enabled Low New Checked No
Reference URLs (numbered by S.No of the checklist above)
1 https://sqlwiki.netspi.com/detection OR http://securityidiots.com/Web-Pentest/SQL-Injection/Part-1-Basic-of-SQL-for-SQLi.ht
2 https://hdivsecurity.com/owasp-broken-authentication-and-session-management
3 http://www.hackingarticles.in/beginner-guide-insecure-direct-object-references/
4 https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
5 https://blog.detectify.com/2016/07/01/owasp-top-10-sensitive-data-exposure-6/
6 https://www.owasp.org/index.php/Testing_for_Sensitive_information_sent_via_unencrypted_channels_(OTG-CRYPST-003)
7 http://www.hackingarticles.in/understanding-csrf-vulnerability-beginner-guide/
8 http://www.hackingarticles.in/file-upload-exploitation-bwapp-bypass-security/
9 https://payatu.com/csv-injection-basic-to-exploit/
10 http://www.hackingarticles.in/5-ways-exploit-lfi-vulnerability/
11 https://teamultimate.in/local-file-inclusion-lfi-remote-file-inclusion-rfi/
12 https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/
13 https://www.esecforte.com/second-order-sql-injection/
14 https://searchsecurity.techtarget.com/definition/privilege-escalation-attack
15 https://blog.detectify.com/2018/03/21/owasp-top-10-insecure-deserialization/
16 https://blog.detectify.com/2018/04/06/owasp-top-10-insufficient-logging-monitoring/
17 https://teamultimate.in/html-injection-reflected-stored/
18 https://teamultimate.in/html-injection-reflected-stored/
19 https://www.owasp.org/index.php/Cross_Frame_Scripting
20 https://www.owasp.org/index.php/Command_Injection
21 http://projects.webappsec.org/w/page/13247005/XPath%20Injection
22 http://projects.webappsec.org/w/page/13246947/LDAP%20Injection
23 https://www.acunetix.com/blog/articles/weak-password-vulnerability-common-think/
24 https://www.acunetix.com/vulnerabilities/web/database-connection-string-disclosure
25 https://support.portswigger.net/customer/portal/articles/2791007-Methodology_SQL_Injection_Authentication_.html
26 http://phpsecurity.readthedocs.io/en/latest/Cross-Site-Scripting-(XSS).html
27 http://phpsecurity.readthedocs.io/en/latest/Cross-Site-Scripting-(XSS).html

Comment (row 28): Sometimes applications can unintentionally leak information about their configuration, internal workings or user list through XML or other misconfigured files on the server. The pentesting team has found that a similar userslist.xml file has been exposed by the application, revealing UserIDs and SessionIDs.
https://company.com/xml/userslist.xml

31 https://www.owasp.org/index.php/Top_10-2017_A9-Using_Components_with_Known_Vulnerabilities
32 https://www.tinfoilsecurity.com/blog/what-is-path-traversal
33 http://lifeofpentester.blogspot.in/2013/10/directory-browsing-vulnerability.html
34 https://www.lookingglasscyber.com/blog/threat-intelligence-insights/x-frame-options-clickjacking/
35 https://www.owasp.org/index.php/Testing_for_default_credentials_(OTG-AUTHN-002)
36 https://www.owasp.org/index.php/Brute_force_attack
37 https://www.owasp.org/index.php/Information_exposure_through_query_strings_in_url
38 https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet
39 https://blog.detectify.com/2016/06/17/owasp-top-10-security-misconfiguration-5/
40 https://deadliestwebattacks.com/2010/05/18/cross-site-tracing-xst-the-misunderstood-vulnerability/
41 https://www.htbridge.com/vulnerability/insufficient-session-expiration.html
42 https://www.owasp.org/index.php/Full_Path_Disclosure
43 http://doc.cenzic.com/sadoc9x14ba847/CPL0001046.htm
44 https://www.owasp.org/index.php/Full_Path_Disclosure
46 https://www.owasp.org/index.php/OWASP_Secure_Headers_Project
47 https://www.acunetix.com/vulnerabilities/web/password-type-input-with-auto-complete-enabled
48 https://www.owasp.org/index.php/Testing_for_weak_password_change_or_reset_functionalities_(OTG-AUTHN-009)
49 https://www.owasp.org/index.php/Testing_for_Error_Code_(OTG-ERR-001)
50 https://vulnerabilities.teammentor.net/article/577e90c9-8e44-4240-b00f-768316d63901
51 https://www.owasp.org/index.php/Testing_for_Vulnerable_Remember_Password_(OTG-AUTHN-005)
52 https://www.acunetix.com/vulnerabilities/web/weak-password
53 https://www.paladion.net/blogs/weak-crossdomain-xml-and-its-exploitation-poc
54 https://www.owasp.org/index.php/Testing_for_Input_Validation
55 https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
56 https://portswigger.net/kb/issues/00500600_cookie-without-httponly-flag-set
57 https://www.acunetix.com/vulnerabilities/web/content-type-is-not-specified
58 https://portswigger.net/kb/issues/00500200_ssl-cookie-without-secure-flag-set
59 http://appsecnotes.blogspot.com/2009/05/simultaneous-sessions-for-single-user.html
60 https://haklab.net/banner-grabbing-foot-printing-network-scanning/
61 https://www.owasp.org/index.php/Testing_for_Captcha_(OWASP-AT-008)
S.No Vulnerabilities Severity CWE/OWASP Reference
1 SQL injection High
2 broken authentication and session management High
3 IDOR High OTG-AUTHZ-004
4 XXE High
5 Sensitive data Exposure High
6 Credentials over unencrypted channel High OTG-CRYPST-003
7 CSRF High
8 Unrestricted_File_Upload High https://www.owasp.org/index.php/Unrestricted_File_Upload
9 formula injection High CVE-2014-3524
10 LFI High
11 RFI High
12 SSRF High
13 Second order sql injection High
14 privilege escalation(horizontal/vertical) High
15 Insecure Deserialization High CWE-502
16 Insufficient logging and monitoring High CWE-778
17 HTML injection(Reflected) High OTG-CLIENT-003
18 HTML injection(Stored) High OTG-CLIENT-003
19 Iframe injection(Cross frame scripting) High CWE-829
20 Command injection High CWE-78
21 Xpath injection High CWE-643
22 LDAP injection High CWE-90
23 phpmyadmin page is open High
24 Database connection string disclosure High
26 Authentication Bypass using SQL High
27 Reflected xss High OWASP-DV-001
28 Stored xss High OWASP-DV-001
Description (numbered by S.No of the table above)
1 Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command
2 Application functions related to authentication and session management are often not implemented correctly, allowing attack
3 A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, dir
4 Attackers can exploit vulnerable XML processors if they can upload XML or include hostile content in an XML document, explo
5 Many web applications do not properly protect sensitive data, such as credit cards, tax IDs, and authentication credentials. Att
6 Many web applications do not properly protect sensitive data, such as credit cards, tax IDs, and authentication credentials. Att
7 A CSRF attack forces a logged-on victim's browser to send a forged HTTP request, including the victim's session cookie and any
8 This script is possibly vulnerable to unrestricted file upload. Various web applications allow users to upload files (such as pictur
9 Formula or CSV injection is used by an attacker to get a shell or to execute malicious commands from a user
10 A local file inclusion attack is used to include a local file of the system/server in the live application
11 A remote file inclusion attack is used to execute malicious commands remotely (using RFI a shell can also be obtained)
12 (SSRF) refers to an attack wherein an attacker is able to send a crafted request from a vulnerable web application
13 An attacker can post SQL commands to the web app, which does not filter the commands and executes them on the web
14 Applications unwittingly give admin or other higher-level access to a normal user, which should not happen
15 Insecure Deserialization is a vulnerability which occurs when untrusted data is used to abuse the logic of an application, inflict
16 It includes everything from unlogged events, logs that are not stored properly and warnings where no action is taken within re
17 HTML injection is an attack that is similar to Cross-site Scripting (XSS). ... Attacker discovers injection vulnerability and decides
18 HTML injection is an attack that is similar to Cross-site Scripting (XSS). ... Attacker discovers injection vulnerability and decides
19 Cross-Frame Scripting (XFS) is an attack that combines malicious JavaScript with an iframe that loads a legitimate page in an eff
20 Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command
21 Attackers can exploit vulnerable XML processors if they can upload XML or include hostile content in an XML document, explo
22 LDAP Injection is an attack technique used to exploit web sites that construct LDAP statements from user-supplied input
23 phpMyAdmin should not be accessible to all users
24 The connection string may include attributes such as the name of the driver, server and database
26 An attacker can bypass authentication using SQL commands
27 Malicious scripts are injected into a request parameter, which is then sent to the victim; when the victim clicks on the URL/request the
28 Malicious scripts are injected into a request parameter, which is then sent to the victim; when the victim clicks on the URL/request the
Reference URLs (numbered by S.No of the table above)
1 https://sqlwiki.netspi.com/detection OR http://securityidiots.com/Web-Pentest/SQL-Injection/Part-1-Basic-of-SQL-for-SQLi.ht
2 https://hdivsecurity.com/owasp-broken-authentication-and-session-management
3 http://www.hackingarticles.in/beginner-guide-insecure-direct-object-references/
4 https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
5 https://blog.detectify.com/2016/07/01/owasp-top-10-sensitive-data-exposure-6/
6 https://www.owasp.org/index.php/Testing_for_Sensitive_information_sent_via_unencrypted_channels_(OTG-CRYPST-003)
7 http://www.hackingarticles.in/understanding-csrf-vulnerability-beginner-guide/
8 http://www.hackingarticles.in/file-upload-exploitation-bwapp-bypass-security/
9 https://payatu.com/csv-injection-basic-to-exploit/
10 http://www.hackingarticles.in/5-ways-exploit-lfi-vulnerability/
11 https://teamultimate.in/local-file-inclusion-lfi-remote-file-inclusion-rfi/
12 https://www.acunetix.com/blog/articles/server-side-request-forgery-vulnerability/
13 https://www.esecforte.com/second-order-sql-injection/
14 https://searchsecurity.techtarget.com/definition/privilege-escalation-attack
15 https://blog.detectify.com/2018/03/21/owasp-top-10-insecure-deserialization/
16 https://blog.detectify.com/2018/04/06/owasp-top-10-insufficient-logging-monitoring/
17 https://teamultimate.in/html-injection-reflected-stored/
18 https://teamultimate.in/html-injection-reflected-stored/
19 https://www.owasp.org/index.php/Cross_Frame_Scripting
20 https://www.owasp.org/index.php/Command_Injection
21 http://projects.webappsec.org/w/page/13247005/XPath%20Injection
22 http://projects.webappsec.org/w/page/13246947/LDAP%20Injection
24 https://www.acunetix.com/vulnerabilities/web/database-connection-string-disclosure
26 https://support.portswigger.net/customer/portal/articles/2791007-Methodology_SQL_Injection_Authentication_.html
27 http://phpsecurity.readthedocs.io/en/latest/Cross-Site-Scripting-(XSS).html
28 http://phpsecurity.readthedocs.io/en/latest/Cross-Site-Scripting-(XSS).html
S.No Vulnerabilities Severity CWE/OWASP Reference
1 Application using known vulnerability Medium
2 Path traversal Medium
3 Directory Listing Medium CWE-548
4 Clickjacking Medium OTG-CLIENT-009
5 default credentials Medium OTG-AUTHN-002
6 Brute force attack Medium
7 Sensitive data in get request Medium
8 URL redirect Medium
9 Security misconfiguration Medium
10 Cross site tracing Medium
11 Insufficient Session Expiration Medium CWE-613
12 Internal path disclosure/Full Path Disclosure Medium
13 sql query disclosure Medium
14 No Captcha Implementation Medium OWASP-AT-012
15 Upload Path Disclosure Medium
Description (numbered by S.No of the table above)
1 Components, such as libraries, frameworks, and other software modules, almost always run with full privileges. If a vulnerable
2 Path Traversal is one of the many critical web application security vulnerabilities. ... It
3 A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers. Extended Description. A d
4 Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into
5 An attacker can exploit or bypass the authentication if the users are using default credentials
6 An attacker uses a brute force attack to unlock the account at the login page, or can use it to retrieve information such as username fro
7 Sensitive data in the URL is harmful for a user; the attacker can read the information
8 Some applications redirect the user to a malicious web app, which is harmful for a user.
9 Security misconfiguration can happen at any level of an application stack, including the platform, web server, application serve
10 XST could be used as a method to steal user's cookies via Cross-site Scripting (XSS) even if the cookie has the "HttpOnly" flag s
11 A session should expire after a limited time for a logged-in user
12 This enables the attacker to see the path to the webroot/file, e.g. /home/omg/htdocs/file/.
13 Sometimes when an attacker uses malicious SQL commands, the web app shows the SQL query on the web page
14 A captcha should be implemented where there is an authentication feature, to restrict brute force attacks
15 When a user uploads a file, the application unknowingly discloses the path where the file will be uploaded
Reference URLs (numbered by S.No of the table above)
1 https://www.owasp.org/index.php/Top_10-2017_A9-Using_Components_with_Known_Vulnerabilities
2 https://www.tinfoilsecurity.com/blog/what-is-path-traversal
3 http://lifeofpentester.blogspot.in/2013/10/directory-browsing-vulnerability.html
4 https://www.lookingglasscyber.com/blog/threat-intelligence-insights/x-frame-options-clickjacking/
5 https://www.owasp.org/index.php/Testing_for_default_credentials_(OTG-AUTHN-002)
6 https://www.owasp.org/index.php/Brute_force_attack
7 https://www.owasp.org/index.php/Information_exposure_through_query_strings_in_url
8 https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet
9 https://blog.detectify.com/2016/06/17/owasp-top-10-security-misconfiguration-5/
10 https://deadliestwebattacks.com/2010/05/18/cross-site-tracing-xst-the-misunderstood-vulnerability/
11 https://www.htbridge.com/vulnerability/insufficient-session-expiration.html
12 https://www.owasp.org/index.php/Full_Path_Disclosure
S.No Vulnerabilities Severity CWE/OWASP Reference
1 Missing HTTP headers Low
2 Autocomplete feature is On Low
3 Change password without old password Low OTG-AUTHN-009
4 HTTP errors Low OTG-ERR-001
5 No account lockout policy Low
6 Remember password Low OTG-AUTHN-005
7 Weak password policy Low OTG-AUTHN-007
8 Weak crossdomain.xml Low
9 No input validation Low
10 HTTP 414 error Low
11 Host Header injection Low
12 Cookie without HttpOnly flag Low CWE-16
13 Content type is not specified Low CWE-16
14 Cookie without Secure flag Low OTG-SESS-002
15 Concurrent user login Low
16 Banner Grabbing Low
Description (numbered by S.No of the table above)
1 An application should use HTTP headers for protecting the web sit
2 Autocomplete feature should be On in login page
3 A web application should implement password change policy wi
4 A website sometimes displays HTTP errors and those errors reveal
5 Web application uses no account lockout policy and an attacker
6 Web application provides a feature called remember passwor
7 Web app allows users to set weak passwords, which is harmful
8 A weak crossdomain.xml file can allow the cybercriminal to acces
9 Applications should validate the user commands
10 An attacker plays with a request parameter by entering a very large value in the request so that the page doesn't give any response
12 When a cookie is set with the HttpOnly flag, it instructs the browser t
13 This value informs the browser what kind of data to expect. If t
14 When a cookie is set with the Secure flag, it instructs the brow
15 Applications generally provide concurrent login but for more secu
16 Banner grabbing or OS fingerprinting is a method to determine
Reference URLs (numbered by S.No of the table above)
1 https://www.owasp.org/index.php/OWASP_Secure_Headers_Project
2 https://www.acunetix.com/vulnerabilities/web/password-type-input-with-auto-complete-enabled
3 https://www.owasp.org/index.php/Testing_for_weak_password_change_or_reset_functionalities_(OTG-AUTHN-009)
4 https://www.owasp.org/index.php/Testing_for_Error_Code_(OTG-ERR-001)
5 https://vulnerabilities.teammentor.net/article/577e90c9-8e44-4240-b00f-768316d63901
6 https://www.owasp.org/index.php/Testing_for_Vulnerable_Remember_Password_(OTG-AUTHN-005)
7 https://www.acunetix.com/vulnerabilities/web/weak-password
8 https://www.paladion.net/blogs/weak-crossdomain-xml-and-its-exploitation-poc
9 https://www.owasp.org/index.php/Testing_for_Input_Validation
11 https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
12 https://portswigger.net/kb/issues/00500600_cookie-without-httponly-flag-set
13 https://www.acunetix.com/vulnerabilities/web/content-type-is-not-specified
14 https://portswigger.net/kb/issues/00500200_ssl-cookie-without-secure-flag-set
15 http://appsecnotes.blogspot.com/2009/05/simultaneous-sessions-for-single-user.html
16 https://haklab.net/banner-grabbing-foot-printing-network-scanning/
