SR. NO. / Type / Test Case

Input Validation
1. Check for input validation of type, length, format, range
2. Validation of all user inputs at server side (client-side bypass)
3. Stored XSS
4. Reflected XSS
5. Test for SQLi
6. Test for file upload format validations
7. Test for OWASP injection flaws
8. Test for URL redirection
9. Content spoofing
10. Buffer overflows
11. XML injection
12. LDAP injection
13. XPath injection
14. Directory traversal
15. XML denial of service
Error/Output Handling
16. Check for custom error pages
17. Check for server errors displayed
18. No sensitive information (IP address, database error messages, file paths, stack trace) is revea
19. Fail-safe check. If an error/exception is generated, check if application is falling safely on blan
    unauthorized access.
20. HTMLEncode() and URLEncode() used to safely output user input
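Test case 20 is about encoding in the right output context. The following is an added example, not part of the checklist: the raw reflection a tester is looking for, its hardened form using the Python standard library's HTML and URL encoders, and a small reviewer check. The sample input and the example.test URL are constructed.

```python
# Added example (not part of the checklist): output encoding for test case 20,
# "HTMLEncode() and URLEncode() used to safely output user input".
# Standard library only; the sample input and the host name are constructed.
import html
from urllib.parse import quote, urlencode

# Constructed probe: closes an attribute and injects a script tag
SAMPLE_INPUT = '<script>alert(1)</script>" onmouseover="x'


def html_encode(untrusted: str) -> str:
    """HTMLEncode equivalent: &, <, >, " and ' become entities, so the value
    can sit in an HTML text node or a quoted attribute without changing it."""
    return html.escape(untrusted, quote=True)


def url_encode(untrusted: str) -> str:
    """URLEncode equivalent for one query-string value.
    safe="" also percent-encodes '/', so path separators cannot leak in."""
    return quote(untrusted, safe="")


def render_greeting_unsafe(name: str) -> str:
    """The pattern the test case is hunting for: raw reflection of input."""
    return f"<p>Hello, {name}</p>"


def render_greeting(name: str) -> str:
    """Hardened form: encode at the point of output, in the HTML context."""
    return f"<p>Hello, {html_encode(name)}</p>"


def build_search_url(term: str) -> str:
    """URL context: urlencode() percent-encodes the parameter value."""
    return "https://example.test/search?" + urlencode({"q": term})


def reflects_raw_markup(rendered: str, probe: str) -> bool:
    """Reviewer check: does the rendered page still carry the probe's raw
    <script> tag? True means encoding is missing or done in the wrong context."""
    return "<script>" in probe and "<script>" in rendered


if __name__ == "__main__":
    print(render_greeting_unsafe(SAMPLE_INPUT))  # payload reflected verbatim
    print(render_greeting(SAMPLE_INPUT))         # entities only
    print(build_search_url(SAMPLE_INPUT))
```

The encoder has to match the context the value lands in: an HTML-encoded value placed inside a URL, or a URL-encoded value placed in an HTML attribute, is still a finding, which is why the check runs on the rendered output rather than on the encoder alone.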
Authentication Flaws
21. Test for SQL injection authentication bypass
22. Direct access to internal objects (files, URLs etc.)
23. Test for trust relation between linked applications
24. Password recovery mechanism is secured (old password is not sent to user, protected against
25. Change password mechanism is secured (old password is required, no sensitive hidden param
26. If SQL authentication is used, credentials are adequately secured over the wire (SSL) and in st
27. Organization password policy implemented
28. Password length
29. Password complexity
30. Password history restriction
31. Account lock-out policy implemented
32. Single login implemented per user
33. Username enumeration not possible
34. Protection against brute-force attacks (CAPTCHA)
35. Password communication over network should be secure
36. Last login date/time displayed
37. Test for back-button browsing (cache management issue)
38. Test CSRF protection
39. Password in clear text
40. Password stored in database using secure hashing mechanism
41. Passwords are stored securely as salted hashes
42. Improper session ID validation (backdoors)
43. Public and restricted areas segregated into separate folders (codebase)
44. Password reset mechanism is protected
45. Managing locked/non-active accounts
46. Existence of 'default/test/dummy' accounts
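Test cases 39 to 41 move from clear text, through an unsalted digest, to salted hashes. The following is an added example, not part of the checklist: a salted PBKDF2-HMAC-SHA256 store-and-verify pair using the Python standard library, plus the heuristic a reviewer can run over values pulled from a user table to tell clear text and bare digests from properly salted hashes. The algorithm choice, the iteration count and the storage format are assumptions of this example.

```python
# Added example (not part of the checklist): salted password hashing and a
# reviewer check for test cases 39-41. Standard library only; PBKDF2-HMAC-SHA256,
# the iteration count and the "$"-separated record format are assumptions.
import base64
import hashlib
import hmac
import os
import re
from typing import Optional

ALGORITHM = "pbkdf2_sha256"
DEFAULT_ITERATIONS = 600_000   # assumed work factor; tune to your hardware
SALT_BYTES = 16


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return '<algo>$<iterations>$<salt_b64>$<digest_b64>'.
    A fresh random salt per password means equal passwords hash differently,
    so a leaked table cannot be matched against precomputed digests."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        ALGORITHM,
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    ])


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in
    constant time so response timing does not leak how much matched."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return False
    try:
        iterations = int(parts[1])
        salt = base64.b64decode(parts[2])
        expected = base64.b64decode(parts[3])
    except ValueError:            # binascii.Error is a ValueError subclass
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


# Reviewer heuristic: a bare hex digest of a fixed length has no salt and no
# parameters, so it is a finding under test case 41 even though it is "hashed".
_UNSALTED = (
    ("unsalted-md5", re.compile(r"^[0-9a-f]{32}$", re.I)),
    ("unsalted-sha1", re.compile(r"^[0-9a-f]{40}$", re.I)),
    ("unsalted-sha256", re.compile(r"^[0-9a-f]{64}$", re.I)),
)


def classify_stored_password(value: str) -> str:
    """Label one value from a password column for the audit report."""
    if value.startswith(ALGORITHM + "$") and value.count("$") == 3:
        return "salted-" + ALGORITHM
    for label, pattern in _UNSALTED:
        if pattern.match(value):
            return label
    if value.startswith("$"):      # bcrypt/argon2-style modular crypt records
        return "salted-modular-crypt"
    return "plaintext-or-unknown"


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))   # True
    print(classify_stored_password("Password1"))                     # plaintext-or-unknown
```

The classifier is deliberately a heuristic: it flags the shapes that are never acceptable (clear text, bare MD5/SHA digests) and passes anything that carries a salt and parameters, which is what the reviewer then inspects by hand.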
Session Management
47. Session IDs should be random
48. Session IDs should be non-predictable
49. Session IDs should have cookie flags implemented (HttpOnly, Secure)
50. Session time-out implemented
51. Protection against session fixation
52. Protection against session hijacking
53. Session variables in GET request
54. Test for persistent session variables
55. Replay attack
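Test cases 47 to 53 describe the properties of a sound server-side session. The following is an added example, not part of the checklist: a minimal in-memory session store that issues CSPRNG-generated IDs, expires idle sessions, rotates the ID at login so a pre-planted ID cannot be fixated, and emits the cookie with the flags test case 49 asks for, plus two reviewer checks over a captured Set-Cookie header and a URL. The cookie name, the time-out value and the example.test host are assumptions.

```python
# Added example (not part of the checklist): server-side session handling for
# test cases 47-53. Standard library only; the cookie name, the idle time-out
# and the example.test host are assumptions.
import secrets
import time
from typing import Callable, Dict, Optional

SESSION_ID_BYTES = 32            # 256 bits from the OS CSPRNG: random and unpredictable
IDLE_TIMEOUT_SECONDS = 15 * 60   # assumed policy value
COOKIE_NAME = "sid"


class SessionStore:
    """In-memory session store; the clock is injectable so the time-out can
    be exercised in a test without sleeping."""

    def __init__(self, clock: Callable[[], float] = time.time) -> None:
        self._sessions: Dict[str, dict] = {}
        self._clock = clock

    def create(self, user: Optional[str] = None) -> str:
        # Never a counter, a timestamp or a hash of the username: those are
        # exactly what test cases 47 and 48 fail.
        sid = secrets.token_urlsafe(SESSION_ID_BYTES)
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def get(self, sid: str) -> Optional[dict]:
        """Return the session, or None if unknown or idle past the time-out."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self._clock()
        if now - session["last_seen"] > IDLE_TIMEOUT_SECONDS:
            del self._sessions[sid]          # test case 50: time-out enforced server side
            return None
        session["last_seen"] = now
        return session

    def login(self, presented_sid: Optional[str], user: str) -> str:
        """Issue a brand-new ID after authentication. Keeping whatever ID the
        browser presented before login is the session fixation flaw (51)."""
        if presented_sid is not None:
            self._sessions.pop(presented_sid, None)
        return self.create(user)

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def session_cookie_header(sid: str) -> str:
    """Set-Cookie line carrying the flags test case 49 checks for. SameSite is
    an extra that also limits cross-site requests (test case 38)."""
    return f"Set-Cookie: {COOKIE_NAME}={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"


def cookie_flags_ok(set_cookie_header: str) -> bool:
    """Reviewer check over a captured Set-Cookie header: both flags present?"""
    attrs = {a.strip().lower() for a in set_cookie_header.split(";")[1:]}
    return "httponly" in attrs and "secure" in attrs


def session_id_in_query(url: str) -> bool:
    """Test case 53: the session token must not travel in the URL, where it
    lands in logs, browser history and Referer headers."""
    _, _, query = url.partition("?")
    return any(p.split("=", 1)[0] == COOKIE_NAME for p in query.split("&") if p)


if __name__ == "__main__":
    store = SessionStore()
    anonymous = store.create()
    authenticated = store.login(anonymous, "alice")
    print(anonymous != authenticated)                      # True: ID rotated at login
    print(session_cookie_header(authenticated))
    print(cookie_flags_ok("Set-Cookie: sid=abc; Path=/"))  # False: flags missing
```

The rotation in login() is the part most often missing in practice: the ID is random and the cookie flags are set, but the same ID survives from the anonymous phase into the authenticated one, which is all a fixation attack needs.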
Authorization Flaws
56. Access to system-level resources is restricted (OS command injection, LFI)
57. Bypassing user access control matrix
58. Test for direct URL access to privileged content/actions (vertical escalation)
59. Test for access to content/action of other users (horizontal escalation)
60. All roles defined in the application are identified and the resources accessible to each role is k
61. Administration interfaces are secured
Application/Server Misconfiguration
62. Directory indexing disabled
63. Sensitive data is not passed in GET URLs
64. Test/default/backup pages stored on server
65. Plain-text files containing sensitive information stored on server (ref: codebase)
66. Auto-complete enabled
67. Weak SSL cipher suite enabled
68. Information leakage (version disclosure, system file path information, IP address, etc.)
69. Google-indexed data
70. Sensitive data stored in hidden fields
71. Application not running with privileged role
72. Application logs found
73. Application maintains audit trail of sensitive actions
74. Abuse of functionality
75. HTTP verbs enabled (TRACE, PUT, DELETE, PROPFIND)
76. UAT/production environments segregation
77. Does UAT store live user data?
78. Application denial of service
79. HTTP response splitting
80. Anti-automation not implemented
81. Clickjacking
Secure Data Storage
82. Checks for secure storage of data
83. Data storage compliance check of sensitive data such as credit card details / passwords / Per
Cryptography
84. The design identifies correct cryptographic algorithm for the application's data encryption req
85. Encryption keys are secured
86. Encrypting sensitive configuration files
Business Logic
87. Application logic bypass due to improper permissions
88. Abuse of functionalities
89. Bypass application process flow
