Vulnerabilities Tests/Management
– SQL Injection
– Command Injection
– HTML Injection
– Cross Site Scripting Attacks
– Remote Code Execution
– Load File Inclusion
– Directory Listing
– Bot Attacks
– DoS/DDoS attacks
– Host Header Poisoning
– Password Reset Link Hijacking
– Price Manipulation
– Race Condition
– HTTP Parameter Pollution
– CRLF injection
– Cookie Stealing
– Server Hijack
– Server Access
– Website Admin Takeover
– Cookie Manipulation Attacks
– XXE Injection
– Authentication Bypass Attacks
– Brute Force/Rate Limit Attacks
– Sensitive Information Leakage
– Application logic flaws
– Forced browsing
– Access and authentication controls
– Session management
– Session Fixation Attacks
– Cookie manipulation
– Horizontal escalation
– Vertical escalation
– Brute-force password guessing
– Poor server configuration
– Information leakage
– Source code disclosure
– Response splitting
– File upload/download attacks
– Parameter tampering
– URL manipulation
– Injection attacks for HTML, SQL, XML, SOAP, XPath, LDAP
– Fuzzing
– Manual tests