https://lea-linux.org/docs/index.php?title=Checklist_s%C3%A9curit%C3%A9_pentest_applications&feed=atom&action=history
Application security pentest checklist - Revision history
2024-03-28T17:58:16Z
Revision history for this page on the wiki
MediaWiki 1.40.1
https://lea-linux.org/docs/index.php?title=Checklist_s%C3%A9curit%C3%A9_pentest_applications&diff=42807&oldid=prev
Lea: Page created with "= Security and pentest checklist for applications = ( Credits : @Dheerajmadhukar(twitter) ) * [+] Cache Poisoning * [+] Cash Overflow * [+] Clickjacking * [+] Command inj..."
2021-09-22T08:00:58Z
<p><b>New page</b></p><div>= Security and pentest checklist for applications =<br />
<br />
( Credits : @Dheerajmadhukar(twitter) )<br />
<br />
* [+] Cache Poisoning<br />
* [+] Cash Overflow<br />
* [+] Clickjacking<br />
* [+] Command injection attacks<br />
* [+] Comment Injection Attack<br />
* [+] Content Security Policy<br />
* [+] Content Spoofing<br />
* [+] Credential stuffing<br />
* [+] Cross Frame Scripting<br />
* [+] Cross Site History Manipulation (XSHM)<br />
* [+] Cross Site Tracing<br />
* [+] Cross-Site Request Forgery (CSRF)<br />
* [+] Cross Site Port Attack (XSPA)<br />
* [+] Cross-Site Scripting (XSS)<br />
* [+] Cross-User Defacement<br />
* [+] Custom Special Character Injection<br />
* [+] Denial of Service<br />
* [+] Direct Dynamic Code Evaluation (Eval Injection)<br />
* [+] Execution After Redirect (EAR)<br />
* [+] Exploitation of CORS<br />
* [+] Forced browsing<br />
* [+] Form action hijacking<br />
* [+] Format string attack<br />
* [+] Full Path Disclosure<br />
* [+] Function Injection<br />
* [+] Host Header injection<br />
* [+] HTTP Response Splitting<br />
* [+] HTTP verb tampering<br />
* [+] HTML injection<br />
* [+] LDAP injection<br />
* [+] Log Injection<br />
* [+] Man-in-the-browser attack<br />
* [+] Man-in-the-middle attack<br />
* [+] Mobile code: invoking untrusted mobile code<br />
* [+] Mobile code: non-final public field<br />
* [+] Mobile code: object hijack<br />
* [+] One-Click Attack<br />
* [+] Parameter Delimiter<br />
* [+] Page takeover<br />
* [+] Path Traversal<br />
* [+] Reflected DOM Injection<br />
* [+] Regular expression Denial of Service – ReDoS<br />
* [+] Repudiation Attack<br />
* [+] Resource Injection<br />
* [+] Server-Side Includes (SSI) Injection<br />
* [+] Session fixation<br />
* [+] Session hijacking attack<br />
* [+] Session Prediction<br />
* [+] Setting Manipulation<br />
* [+] Special Element Injection<br />
* [+] SMTP injection<br />
* [+] SQL Injection<br />
* [+] SSI injection<br />
* [+] Traffic flood<br />
* [+] Web Parameter Tampering<br />
* [+] XPATH Injection<br />
* [+] XSRF or SSRF<br />
* [+] SQL Injection Attack<br />
* [+] Hibernate Query Language Injection<br />
* [+] Direct OS Code Injection<br />
* [+] XML Entity Injection<br />
* [+] Broken Authentication and Session Management<br />
* [+] Cross-Site Scripting (XSS)<br />
* [+] Insecure Direct Object References<br />
* [+] Security Misconfiguration<br />
* [+] Sensitive Data Exposure<br />
* [+] Missing Function Level Access Control<br />
* [+] Cross-Site Request Forgery (CSRF)<br />
* [+] Using Components with Known Vulnerabilities<br />
* [+] Unvalidated Redirects and Forwards<br />
* [+] Cross Site Scripting Attacks<br />
* [+] Click Jacking Attacks<br />
* [+] DNS Cache Poisoning</div>
Lea