Questions tagged [penetration-testing]

This tag is for questions that involve black box security testing of applications and/or networks. Questions that involve vulnerability scanning, offensive security, exploit development, etc., might fall under this tag.

About Web Application Penetration Testing on OWASP site.

411 questions
5 votes, 1 answer

Is the Expect-CT HTTP header still relevant in 2021?

We recently had a penetration test performed on our site and one of the recommendations was to implement the Expect-CT HTTP response header: It is recommended to implement the Expect-CT header. A sensible setting for testing would be the…
HappyDog
5 votes, 2 answers

Where can I find an exhaustive list of web attack strings

I'm looking for exhaustive list(s) of web attack strings, which includes as many possible injection strings as possible, including SQLis, XSS, XPATH injections, SSIs, etc. Preferably encoded in various formats. Anyone knows where to find these?
lisa1987
5 votes, 1 answer

Enable stack canaries in iOS Swift

I was looking for a way to enable stack canaries for my iOS application in Swift, but then I found that in recent versions of Xcode the flag required to enable stack canaries is enabled by default. So then I was looking for a way to ensure the…
XiOS
5 votes, 1 answer

Penetration testers say that the .ASPXAUTH cookie is insecure and is displaying session data?

I thought the .ASPXAUTH was for user authentication? Can anyone confirm if this cookie is indeed a security risk and/or contains session information? Is it even supposed to be used or is it some debug thing?
MetaGuru
5 votes, 2 answers

How to install SSL support for Nikto scanner? I am trying to install SSL library dependencies. Help me to achieve it

I have installed Nikto on Ubuntu 12.04. When I am trying to scan targets over SSL, it is saying no SSL support. Please help me configure Nikto. On the Nikto website the line below is written, but not explained. Help me configure it. For SSL support the…
Kapila Clan
5 votes, 1 answer

Conditional/Executable Comments in MySQL/SQL Server

Before I begin, I realize that what I'm attempting is bizarre and hackish. It's just for an isolated pen test, specifically SQL Injection. What I need to do is write a SQL statement that behaves differently when executing on a MySQL database than…
Will
4 votes, 3 answers

Preventing 'content-sniffing' type vulnerabilities when handling user-uploaded images?

The problem: I work on an internal tool that allows users to upload images - and then displays those images back to them and others. It's a Java/Spring application. I have the benefit of only needing to worry about IE11 exactly and Firefox v38+…
Paul
4 votes, 2 answers

Penetration testing for PHP security vulnerabilities

I am doing an undergrad research paper on "Identifying and Testing security vulnerabilities in websites". Initially I thought I would test manually as I had specified in my methodology that I would only test for a few chosen vulnerabilities i.e. SQL…
user3558596
4 votes, 1 answer

OWASP's ZAP and the Fuzz ability

My scenario: I navigate to a login page. I put in a known username with a bad password. ZAP picks this up no issue. I select the POST to the login page. I find the lines that contain the Username and password. The…
James Craig
4 votes, 1 answer

Use App Scripts to open form and make a selection

To put this briefly I am testing a Google drive form that will record votes for a school election to ensure that it is secure. Is there a way to open a form from the shared URL and list/input data? In short, can I write a script to act like a bot…
Kyte
3 votes, 2 answers

Pen test blind SQL injection and viewstate error

I have an asp.net web app that's going through a pen test by internal IT. They are using IBM AppScan to run scans against the web app. One of the errors that keeps coming up is viewstate input field related. The tool modifies the viewstate and sends…
Tigran
3 votes, 2 answers

What is CSS injection and how to prevent it?

I have heard my friend talking about this vulnerability called "CSS Injections". However, I have no idea what this is and as soon as I heard it I thought, how could one possibly do any malicious activity or an attack using CSS? So I wanted to know…
Syed M. Sannan
3 votes, 1 answer

AWS ALB Host Header Attack

I'm trying to find a way to stop a host header attack from happening on my ALB. My load balancer takes care of redirecting port 80 to 443 and that is where the attack is possible. Right now the only way I can see of doing it is adding each of my…
3 votes, 1 answer

Is there a security concern in RxJS library?

Currently I am working on a project that uses RxJS within Angular framework. A recent penetration testing report highlighted that the use of window.postMessage('', '*') in the application could lead to security vulnerabilities. Investigating this…
3 votes, 2 answers

Utilizing ZAP for REST API testing

I'm curious as to how ZAP can be used to test REST APIs in the context of API security. Is it just the OpenAPI add on that can be used or are there other (more effective) methods?
vuln3x