BROKEN ACCESS CONTROL TESTING

In this section we describe how we work through the Bugcrowd University labs:

  • Bwapp Section – A4 – Insecure Direct Object Reference
    • Insecure DOR (Change Secret)
    • Insecure DOR (Reset Secret)
    • Insecure DOR (Order Tickets)
  • Bwapp Section – A7 – Missing Functional Level Access Control
    • Directory Traversal – Directories
    • Directory Traversal – Files
    • Local File Inclusion (SQLITEManager)
    • Remote & Local File Inclusion (RFI/LFI)
    • Restrict Device Access
    • Restrict Folder Access