Security Test Issues for websites

A list of common security issues your sites might have.

  1. XSS
    Sample to check: <img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041">
  2. Authorization
    A normal user may be able to access admin/root APIs. This can be checked by inspecting the web app with Chrome Developer Tools or the Firefox Inspector. You can even copy the request as cURL and import it into Postman to trigger it.
    For example with…
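
As an added example (not code from the original article), the Python sketch below runs the item 1 sample through a keyword blocklist and through HTML output encoding, to show why the entity-encoded form is a useful test input. The blocklist pattern and all function names are hypothetical, chosen for illustration.

```python
import html
import re

# Sample from item 1 of the list, copied from the page.
SAMPLE = (
    '<img src=x onerror="&#0000106&#0000097&#0000118&#0000097&#0000115'
    '&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097'
    '&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088'
    '&#0000083&#0000083&#0000039&#0000041">'
)

# Hypothetical keyword filter of the kind the encoded sample is meant to probe.
BLOCKLIST = re.compile(r"javascript:|alert\s*\(|<script", re.IGNORECASE)


def blocklist_allows(value):
    """Return True when the keyword filter finds nothing to reject."""
    return BLOCKLIST.search(value) is None


def decoded_handler(markup):
    """Decode the onerror attribute the way an HTML parser would.

    html.unescape follows the HTML5 rules, so numeric character
    references without a trailing semicolon are decoded as well.
    """
    match = re.search(r'onerror="([^"]*)"', markup)
    return html.unescape(match.group(1)) if match else None


def render_comment(user_input):
    """Output-encode untrusted input before placing it in the page."""
    return '<p class="comment">' + html.escape(user_input, quote=True) + "</p>"


if __name__ == "__main__":
    print("blocklist lets the raw sample through:", blocklist_allows(SAMPLE))
    print("handler after entity decoding:", decoded_handler(SAMPLE))
    print("output-encoded rendering:", render_comment(SAMPLE))
```

The check for a site under test is that the sample comes back in the response as inert text (`&lt;img ...`), never as a live `<img>` element.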




Donald Le

A passionate automation engineer who strongly believes in “A man can do anything he wants if he puts in the work”.
