Questions tagged [security-testing]

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, availability, authorization and non-repudiation.

Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. Due to the logical limitations of security testing, passing security testing is not an indication that no flaws exist or that the system adequately satisfies the security requirements.

Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. The actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such, a security taxonomy helps us to understand these different approaches and meanings by providing a base level to work from.

70 questions
0
votes
1 answer

How to compare a value in the response with earlier values in soapUI?

I'm working with soapUI and Groovy to test whether a particular value regenerates again. I'll have a soapUI request with JSON which gives an id in the response. I should extract that id and store it in a dynamic location so that when I run…
Sharath
0
votes
1 answer

Is there a web app security auditing tool that produces reports showing what attack types were tested for?

I want to generate a basic report from testing; I would like the testing to cover the OWASP Top 10. I have looked at OWASP ZAP reporting but this just highlights any issues as opposed to saying XY and Z were tested for with no evidence of them…
Damien
-1
votes
1 answer

How to automate Burp Suite with C#?

I have been trying to automate Burp Suite using Selenium with C#. I couldn't find any elements in Burp Suite. I couldn't find the elements of the "Next" button in the Burp Suite community version.
-1
votes
2 answers

Is there a way to check how scan and fuzz commands work at the backend in ZAP?

We have a requirement to know how commands work at the backend when triggered via the OWASP ZAP tool. This will help with data visualizing and interaction with ZAP and the UI. For example, commands like 'active scan': in the ZAP tool we select the required site and click…
sridattas
-1
votes
1 answer

Should I take (pen test) approval from AWS for fuzz testing my application APIs hosted on AWS?

I wanted to fuzz test my APIs on my own stack, which are hosted in an AWS environment (I have used Lambdas and API Gateway). There are mostly GET APIs and only one PUT API. My requirement is to fuzz test the API headers and the body. For this I'm planning…
-1
votes
1 answer

Is the adb tool used for security testing?

Is the adb tool used for security testing? Hi all, is the adb tool used for security testing of mobile applications? Can anyone help me out, and is it possible to run it on Ubuntu?
user3511026
-2
votes
2 answers

Security testing for mobile applications

I'm new to the mobility domain. What would be the best approach to test mobile applications for security vulnerabilities? Please share the information, and if anybody knows any tools to use to achieve the same. I'm looking for Android and iOS…
mdashu
-4
votes
1 answer

How to open page on port 8080

I'm trying to open a page using Java and Selenium on port 8080. I've tried using the page and :8080 but the page continually keeps opening on a different port. I'm basically trying to use ZAP, and it is configured to use Firefox on port 8080. Any help…
FearghalQA
-5
votes
1 answer

How to configure the user_token of Damn Vulnerable Web Application within the CSRF field during script-based authentication using ZAP?

I had been following the documentation of Script Based Authentication for Damn Vulnerable Web Application using ZAP. I have navigated to http://localhost/dvwa/login.php through Manual Explore which opens up the DVWA application on my localhost as…
undetected Selenium