
🔒 AUTHENTICATION

  • Authentication Bypass
  • Lack of Password Confirmation
  • 2FA Code Brute-forceable
  • Lack of Verification
  • Lack of Throttling on Form Submissions
  • Lack of Rate Limiting on Login
  • Weak Password Complexity Rules
  • 🖥️ SESSION MANAGEMENT
  • 🔑 ACCESS CONTROL

Last updated 2 years ago