Web Pentest Overview

From pentestwiki.org

Server-Side Attacks

  • SSRF: server side request forgery
  • RCE: Remote Code Execution
  • Shell injection
  • LFI: Local File Inclusion
  • Remote File Inclusion
  • Path Traversal / Arbitrary
  • SQL injection
  • LDAP injection
  • Server-side Template Injection
  • XXE: XML External Entities
  • File Upload
  • De-serialization
  • JWT (JSON Web Tokens): JWS/JWE weaknesses (e.g. alg=none, key confusion, weak HMAC secrets)
  • HTTP request smuggling
  • Brute-forcing
  • Broken Session management (login/cookie bypass, impersonation, ...)
  • Logical flaws (Insecure Direct Object References, ...)
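The SQL injection item above, worked through as an added example (written for this page, not taken from pentestwiki.org): an in-memory SQLite table stands in for the application database, the vulnerable login builds its WHERE clause by string formatting, and the hardened version binds the same values as parameters. The table, the users and the bypass payload are constructed for the demonstration.

```python
import sqlite3


def make_db():
    """Constructed in-memory users table for the demonstration (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Builds the WHERE clause by string formatting, so quotes and comment
    sequences in the input become part of the SQL statement."""
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return sorted(row[0] for row in conn.execute(query))


def login_safe(conn, username, password):
    """Same query with bound parameters: the driver sends the values separately
    from the statement text, so they can never change its structure."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(query, (username, password)))


# Classic authentication bypass: close the string literal, make the predicate
# always true, and comment out the password check (SQLite accepts "--" comments).
BYPASS_PAYLOAD = "' OR 1=1 --"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, valid creds:", login_vulnerable(conn, "alice", "s3cret"))
    print("vulnerable, payload:    ", login_vulnerable(conn, BYPASS_PAYLOAD, "anything"))
    print("safe, payload:          ", login_safe(conn, BYPASS_PAYLOAD, "anything"))
```

With the payload the vulnerable query collapses to `WHERE username = '' OR 1=1` and returns every user, while the parameterised query looks for a user literally named `' OR 1=1 --` and returns nothing. The same rule (keep data out of the statement grammar) is the fix for the LDAP injection and shell injection items as well, using each grammar's own binding or escaping mechanism.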

Client-Side Attacks

  • XSS (Cross-Site Scripting)
  • CSRF (Cross-Site Request Forgery)

Web security

  • HSTS (HTTP Strict Transport Security): tells the browser to reach the host (and, with includeSubDomains, its subdomains) only over HTTPS for max-age seconds. Protects against man-in-the-middle downgrade (SSL stripping) attacks and cookie hijacking over plain HTTP in the web browser; the very first request, before the policy is cached, is still exposed, which is what the preload list addresses.
  • CORS (Cross-origin resource sharing): relaxes the browser's same-origin policy in a controlled way, letting a server declare which foreign origins may read the responses of cross-domain XHR/fetch calls. It is not an XSS defence; a misconfiguration that reflects the request Origin together with Access-Control-Allow-Credentials: true lets any site read authenticated responses.
  • CSP (Content Security Policy) https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy Controls which origins, scripts and other resources the user agent may load or execute, to mitigate XSS and other injection in the web browser; a policy whose script-src allows 'unsafe-inline' without a nonce or hash gives little protection against XSS.
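A checker for the three headers above, as an added example written for this page rather than taken from pentestwiki.org: audit_security_headers takes a response's headers (and the Origin the request carried, if any) and reports the misconfigurations a pentester looks for in each. The WEAK and HARDENED header sets and the hostnames are constructed for the demonstration, and the one-year HSTS max-age threshold is an assumed value (a common recommendation, not something the page states).

```python
ONE_YEAR = 31536000  # seconds; assumed threshold for HSTS max-age


def _parse_csp(csp):
    """Split a CSP string into {directive: [source expressions]}, lower-cased."""
    policy = {}
    for directive in csp.split(";"):
        parts = directive.split()
        if parts:
            policy[parts[0].lower()] = [p.lower() for p in parts[1:]]
    return policy


def audit_security_headers(headers, request_origin=None):
    """Return findings (strings prefixed HSTS:/CORS:/CSP:) for one response.

    headers: dict of header name -> value, matched case-insensitively.
    request_origin: the Origin header the request carried, if any, so that
    reflection of it can be detected."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []

    # HSTS: the policy only helps once cached, and only for the hosts it covers.
    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("HSTS: header missing; http:// requests can be downgraded")
    else:
        directives = [d.strip().lower() for d in hsts.split(";")]
        max_age = 0
        for d in directives:
            if d.startswith("max-age="):
                try:
                    max_age = int(d.split("=", 1)[1])
                except ValueError:
                    pass
        if max_age < ONE_YEAR:
            findings.append("HSTS: max-age below one year (%d)" % max_age)
        if "includesubdomains" not in directives:
            findings.append("HSTS: includeSubDomains missing; plain-HTTP subdomains can still receive domain cookies")

    # CORS: the dangerous combination is a permissive origin plus credentials.
    acao = h.get("access-control-allow-origin")
    credentials = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    if acao is not None:
        acao = acao.strip()
        if acao == "*" and credentials:
            findings.append("CORS: wildcard origin with credentials (browsers reject it, but it signals an unreviewed policy)")
        elif acao == "null":
            findings.append("CORS: 'null' origin allowed; sandboxed iframes and file:// pages match it")
        elif request_origin and acao == request_origin and credentials:
            findings.append("CORS: request Origin reflected with credentials; any site can read authenticated responses")

    # CSP: what matters for XSS is the effective script source list.
    csp = h.get("content-security-policy")
    if csp is None:
        findings.append("CSP: header missing")
    else:
        policy = _parse_csp(csp)
        script_src = policy.get("script-src", policy.get("default-src"))
        if script_src is None:
            findings.append("CSP: neither script-src nor default-src set; scripts load from anywhere")
        else:
            has_nonce_or_hash = any(
                s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-")) for s in script_src
            )
            # A nonce or hash makes the user agent ignore 'unsafe-inline' (CSP Level 2+),
            # so only flag it when it is actually in effect.
            if "'unsafe-inline'" in script_src and not has_nonce_or_hash:
                findings.append("CSP: 'unsafe-inline' in effect for scripts; injected inline scripts run")
            if "*" in script_src or "data:" in script_src:
                findings.append("CSP: script-src allows * or data: URIs")
    return findings


# Constructed header sets for the demonstration (not captured from a real site).
WEAK = {
    "Strict-Transport-Security": "max-age=3600",
    "Access-Control-Allow-Origin": "https://attacker.example",
    "Access-Control-Allow-Credentials": "true",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
}
HARDENED = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "Access-Control-Allow-Origin": "https://app.example",
    "Vary": "Origin",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'nonce-r4nd0m'; object-src 'none'; base-uri 'self'",
}

if __name__ == "__main__":
    for name, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        result = audit_security_headers(hdrs, request_origin="https://attacker.example")
        print(name, result or ["no findings"])
```

Run against the weak set with a foreign Origin the checker reports the short HSTS max-age, the missing includeSubDomains, the Origin reflection with credentials and the effective 'unsafe-inline'; the hardened set produces no findings. The CORS check needs the request Origin because reflection is invisible from a single response: the same Access-Control-Allow-Origin value is correct when it is the one allow-listed origin and a vulnerability when it is whatever the client sent.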

Authentication protocols