Vulnerability Wiki

CheckList

This Wiki is a specialized database offering proofs of concept for vulnerabilities, designed as a resource for pentesters. The findings are organized according to OWASP ASVS categories.

Our CheckList For Bug Hunting

V2 - Authentication

Authentication mechanisms ensuring users are who they claim to be.

  • Weak Password Policy:
      Inadequate password complexity requirements.
  • Brute Force Attack:
      Lack of account lockout mechanisms.

V3 - Session Management

Mechanisms to manage user sessions securely and prevent hijacking.

  • Session Fixation:
      Session tokens not regenerated after login.
  • Session Hijacking:
      Insecure session tokens susceptible to interception.

V4 - Access Control

Ensuring users can only access resources they are authorized for.

  • Insecure Direct Object References (IDOR):
      Insufficient authorization checks.
  • Privilege Escalation:
      Users can gain unauthorized access to higher privileges.

V5 - Validation / Sanitization

Properly handling and validating user input to prevent attacks.

  • SQL Injection:
      User input is not properly sanitized before being used in SQL queries.
  • Cross-Site Scripting (XSS):
      Lack of proper output encoding in web pages.

V6 - Cryptography

Using strong encryption methods to protect data in transit and storage.

  • Weak Encryption:
      Usage of deprecated or weak cryptographic algorithms.
  • Insecure Key Management:
      Keys are stored in plaintext or improperly protected.

V7 - Error Logging

Securely logging errors without exposing sensitive data.

  • Verbose Error Messages:
      Error messages revealing sensitive information.
  • Logging Sensitive Data:
      Sensitive data like passwords logged in plaintext.

V8 - Data Protection

Ensuring that data is protected both at rest and in transit.

  • Insecure Data Storage:
      Sensitive data stored without encryption.
  • Data Leakage:
      Accidental exposure of data to unauthorized parties.

V9 - Communication

Secure communication channels between clients and servers.

  • Insecure Transport Layer:
      Lack of HTTPS or improper SSL/TLS configuration.
  • Man-in-the-Middle Attack:
      Unencrypted data vulnerable to interception.

V10 - Malicious Code

Preventing the injection of malicious code into the application.

  • Code Injection:
      Untrusted data used in the construction of commands or queries.
  • Cross-Site Scripting (XSS):
      Injection of malicious scripts into web pages.

V11 - Business Logic

Ensuring business rules are enforced correctly in the application.

  • Insufficient Workflow Validation:
      Bypassing steps in a business process.
  • Business Rule Manipulation:
      Altering business logic to gain an unfair advantage.

V12 - File Resources

Ensure that a verified application satisfies the following high level requirements:

  • Untrusted file data should be handled accordingly and in a secure manner.
  • Untrusted file data obtained from untrusted sources is stored outside the web root and with limited permissions.

V13 - API

Ensure that a verified application that uses trusted service layer APIs (commonly using JSON or XML or GraphQL) has:

  • Adequate authentication, session management and authorization of all web services.
  • Input validation of all parameters that transit from a lower to higher trust level.
  • Effective security controls for all API types, including cloud and serverless APIs.
  • Please read this chapter in combination with all other chapters at this same level; we no longer duplicate authentication or API session management concerns.