Authorization Testing

1. Testing for Path Traversal
First, we test whether it is possible to execute a path traversal attack and access reserved information.
About input vector:
2. Testing for bypassing authorization schema
This kind of test focuses on verifying how the authorization schema has been implemented for each role/privilege to get access to reserved functions/resources.
3. Testing for Privilege Escalation
During this phase, the tester should verify that it is not possible for a user to modify his or her privileges/roles inside the application in ways that could allow privilege escalation attacks.
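
An added example for tests 2 and 3 (not part of the original post): it drives a constructed in-memory application through every role/function pair and reports each deviation from the expected access matrix, including a role change made by a session that should not be able to make one. The `App` class, the role names and the function names are assumptions made for this illustration.

```python
from itertools import product

ROLES = ("anonymous", "user", "admin")

# Expected access matrix: roles allowed per function; anything else must be denied.
EXPECTED = {
    "view_profile": {"user", "admin"},
    "list_users": {"admin"},
    "change_role": {"admin"},
}

class App:
    """Constructed application under test. `checked` names the functions
    that enforce the role check on the server side."""
    def __init__(self, checked):
        self.checked = set(checked)
        self.roles = {"alice": "user", "root": "admin"}

    def call(self, session_role, function, **params):
        if function in self.checked:
            allowed = session_role in EXPECTED[function]
        else:
            # Flaw being modelled: an unchecked function only requires a login.
            allowed = session_role != "anonymous"
        if allowed and function == "change_role":
            self.roles[params["target"]] = params["new_role"]
        return 200 if allowed else 403

def audit(app):
    """Probe every role/function pair; return (role, function, issue) tuples."""
    findings = []
    for role, function in product(ROLES, EXPECTED):
        before = dict(app.roles)
        status = app.call(role, function, target="alice", new_role="admin")
        permitted = role in EXPECTED[function]
        if (status == 200) != permitted:
            issue = "access granted" if status == 200 else "access denied"
            findings.append((role, function, issue))
        # Test 3: a session outside the matrix must not change any stored role.
        if not permitted and app.roles != before:
            findings.append((role, function, "privilege escalation"))
        app.roles = before  # reset state so probes stay independent
    return findings

if __name__ == "__main__":
    for finding in audit(App(checked={"view_profile"})):
        print(finding)
```

An empty result from `audit` means the observed behaviour matches the matrix for every pair, so the matrix itself has to be complete for the result to mean anything.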
