Explain about Security Testing in webbased application?
Answer Posted / ramyab.mca@gmail.com
Hai...
Security Testing:
Following are some test cases for web security testing:
Test by pasting internal url directly into browser address
bar without login. Internal pages should not open.
If you are logged in using username and password and
browsing internal pages then try changing url options
directly. I.e. If you are checking some publisher site
statistics with publisher site ID= 123. Try directly
changing the url site ID parameter to different site ID
which is not related to logged in user. Access should
denied for this user to view others stats.
Try some invalid inputs in input fields like login
username, password, input text boxes. Check the system
reaction on all invalid inputs.
Web directories or files should not be accessible directly
unless given download option.
Test the CAPTCHA for automates scripts logins.
Test if SSL is used for security measures. If used proper
message should get displayed when user switch from non-
secure http:// pages to secure https:// pages and vice
versa.
All transactions, error messages, security breach attempts
should get logged in log files somewhere on web server.
K,Byeee...
Thanks & Regards
B.Ramyasri
Is This Answer Correct ? | 8 Yes | 2 No |
Post New Answer View All Answers
How could we start writing testcases without having the FRS,BRS Docs? My Project has some docs that are related to explain the operations which will be done in the application. It is deployed in UAT server and is a maintainance project. Tell me some technipues or best way to provide the quality to application?
How do i write a test condition to test the following simple program with the intention of 100% statement coverage Print “Hello World” If Date $ = ‘01-01-2000’ then Print “Happy New Year” END IF PRINT “The date is = “Date $ PRINT “The time is = “Time $ END Could anyone please clarify in detail. Would really appreciate it....
Write the 10 high test cases for making video call/face time
discuss black box and white box testing is not widely used if you disagree tell me why?
1. what is a date guidelines ?
what are the typical problems in web testing?
Hi All I want discuss abt Testing tools is any one available online in google chat?
What are the main key components in web applications and client and server applications? And explain the differences between them?
Could some one tell me test cases for multi line text boxes like Notes field?
how will you test transfer funds module...explain in detail
Can you please provide me the standard testcase review templete and Test plan templete.In my company we are not following any Standards templete so.Please guve me some Excell attachments.
What a team leader will test first when s/he will get new module to test?
What is benchmark testing? hi friends... can anyone suggest the correct answer plz...
I studied MBA, I want learn any softwarecourse, which course is better hadoop or testing tools(manual+selenium?)
how to create automation frame work ?