Penetration testing – Discovery
Penetration testing – Discovery: The process of gathering as much information as possible about the target system, network, or application. This could include data about IP addresses, domain details, user inputs, network mapping, and more. The intention here is to identify potential vulnerabilities or weak spots that can be targeted during the test, often utilizing […]
Penetration testing – Exploitation
Penetration testing – Exploitation: A phase of a penetration test where identified vulnerabilities are actually attacked. The tester attempts to exploit these vulnerabilities in a controlled manner to emulate potential attacks an actual hacker could perform. The goal of this phase is not to cause damage but rather to understand the depth of access an […]
Penetration testing – Reporting
Penetration testing – Reporting: The final phase of penetration testing. After the discovery and exploitation phases, all findings, including vulnerabilities, data breaches, and successful exploits, are compiled into a comprehensive report. This report provides an overview of the test’s findings and offers suggestions for improving the system’s security. It’s a crucial document for understanding the […]
Numeric check
Numeric check: A numeric check is a data validation technique used to ensure that numerical input or data conforms to specified formats, ranges, or values. It is essential for maintaining data integrity and can prevent errors related to incorrect data entry. Examples include validating that a phone number contains only digits or that an age […]
Limit check
Limit check: A security measure that sets a restriction on the amount of data that can be accessed or processed within a specific timeframe. It is used to prevent unauthorized access to sensitive information and minimize the potential impact of security breaches. Examples include restrictions on the number of login attempts and the amount of […]
Misuse case testing
Misuse case testing: Misuse case testing is an approach in software testing that involves analyzing and creating test cases based on how an application should not be used. It anticipates malicious behaviors or scenarios and tests the application’s response to such misuse, like input validation errors or unauthorized attempts to access data, aiming to identify […]