Questions tagged [penetration-testing]

This tag is for questions that involve black box security testing of applications and/or networks. Questions that involve vulnerability scanning, offensive security, exploit development, etc., might fall under this tag.

About Web Application Penetration Testing on OWASP site.

411 questions
3 votes, 1 answer

Is it fine to use duplicate response header with same value?

I found a response where duplicate headers are used by the application with the same value. Could anyone tell me whether it is a good programming practice, or whether those are used from a security perspective, or anything else? HTTP/1.1 200 …
3 votes, 2 answers

Request.PathInfo issues and XSS attacks

I have a couple of websites running on .NET 3.5 still due to an API restriction. We will eventually move these sites to the latest .NET version this year. One of the penetration tests indicated a possible XSS vulnerability. The URL in question…
PhillyNJ
3 votes, 1 answer

WordPress Cookie Security - Persistent Cookie comment_author change to session cookie

Can someone explain to me how I would go about changing the WordPress comment_author cookie expiry tag? I want to delete the 'Expires=' tag to change it to a session cookie. Where would I do this in the PHP files? Thanks
3 votes, 1 answer

SQL Server database injection

I have a simple web application in ASP with a SQL Server back-end database. The login page has an injection point and I am able to bypass the login by the usual `' OR 1=1 '`. Now I was able to enumerate the columns in the database using GROUP BY and…
Tim
3 votes, 1 answer

Python windows privilege escalation

So, I want to run a program in administrator mode (UAC). After some digging I found this: import os import types from traceback import print_exc from sys import argv, executable def isUserAdmin(): if os.name == 'nt': import ctypes …
Richard Paul Astley
3 votes, 3 answers

Pen testing your MVC application

Here are some of the commonly known practices for securing an MVC application: Encode your output; Parameterize your SQL; Test your search backwards and forward; 1 way hash passwords; Lock out accounts or limit login attempts; Use code based impersonation…
3 votes, 4 answers

Is it possible to load BackTrack 5 on Raspberry Pi?

I am thinking about loading Back Track 5 on the Raspberry Pi and was wondering if this is possible or am I setting myself up for wasting a lot of time? The ARM version of BackTrack5 is ~1 GB whereas the "Squeeze" Debian version recommended by…
user1068636
2 votes, 1 answer

Busting a tough FRAME killer

I've been trying to break this up for a few hours now but with no success... I am pretty desperate now :( I am doing penetration testing for a company and I need to bypass this frame killer JS: