Skip to content

Instantly share code, notes, and snippets.

@patrickceg

patrickceg/wstg583.md

Last active April 5, 2021 19:53
Show Gist options
  • Save patrickceg/79900464dfd23ca349970f2d8efd51ae to your computer and use it in GitHub Desktop.
Save patrickceg/79900464dfd23ca349970f2d8efd51ae to your computer and use it in GitHub Desktop.
Download ZIP
wstg583.md
Raw
wstg583.md

For OWASP/wstg#583

Documents with captures and requests:

HTTP responses OK document\4-Web_Application_Security_Testing\01-Information_Gathering\02-Fingerprint_Web_Server.md

Curl and HTTP responses OK document\4-Web_Application_Security_Testing\01-Information_Gathering\03-Review_Webserver_Metafiles_for_Information_Leakage.md

ncat to server OK document\4-Web_Application_Security_Testing\01-Information_Gathering\04-Enumerate_Applications_on_Webserver.md

HTTP requests OK document\4-Web_Application_Security_Testing\01-Information_Gathering\06-Identify_Application_Entry_Points.md

netcat document\4-Web_Application_Security_Testing\01-Information_Gathering\08-Fingerprint_Web_Application_Framework.md

HTTP requests document\4-Web_Application_Security_Testing\02-Configuration_and_Deployment_Management_Testing\06-Test_HTTP_Methods.md

CURL document\4-Web_Application_Security_Testing\02-Configuration_and_Deployment_Management_Testing\07-Test_HTTP_Strict_Transport_Security.md

HTTP requests

  • Change request response language tags from HTML to HTTP - document\4-Web_Application_Security_Testing\04-Authentication_Testing\01-Testing_for_Credentials_Transported_over_an_Encrypted_Channel.md

HTTP request OK document\4-Web_Application_Security_Testing\04-Authentication_Testing\04-Testing_for_Bypassing_Authentication_Schema.md

HTTP requests with JSON payloads

  • Change request response language tags from HTML to HTTP - document\4-Web_Application_Security_Testing\05-Authorization_Testing\02-Testing_for_Bypassing_Authorization_Schema.md

HTTP requests

OK document\4-Web_Application_Security_Testing\05-Authorization_Testing\03-Testing_for_Privilege_Escalation.md

HTTP requests

  • Change request response language tags from HTML to HTTP - document\4-Web_Application_Security_Testing\06-Session_Management_Testing\03-Testing_for_Session_Fixation.md

HTTP request

OK document\4-Web_Application_Security_Testing\06-Session_Management_Testing\04-Testing_for_Exposed_Session_Variables.md

HTTP request

OK document\4-Web_Application_Security_Testing\07-Input_Validation_Testing\02-Testing_for_Stored_Cross_Site_Scripting.md

HTTP request

  • Change request response language tags from TXT to HTTP - document\4-Web_Application_Security_Testing\07-Input_Validation_Testing\05.3-Testing_for_SQL_Server.md

HTTP request

  • Change request response language tags from TXT to HTTP - document\4-Web_Application_Security_Testing\07-Input_Validation_Testing\12-Testing_for_Command_Injection.md

HTTP response (without request)

  • Change <snip> to ... document\4-Web_Application_Security_Testing\07-Input_Validation_Testing\15-Testing_for_HTTP_Splitting_Smuggling.md

HTTP request

  • Replace [...] with ... for consistency (as the article uses both for some reason) document\4-Web_Application_Security_Testing\07-Input_Validation_Testing\17-Testing_for_Host_Header_Injection.md

HTTP request

  • Reformat the requests document\4-Web_Application_Security_Testing\09-Testing_for_Weak_Cryptography\03-Testing_for_Sensitive_Information_Sent_via_Unencrypted_Channels.md

HTTP request

  • Change request response language tags from HTML to HTTP, optionally change [...] to ... -document\4-Web_Application_Security_Testing\11-Client-side_Testing\07-Testing_Cross_Origin_Resource_Sharing.md

HTTP request

  • Change request response language tags from TEXT to HTTP, document\4-Web_Application_Security_Testing\11-Client-side_Testing\13-Testing_for_Cross_Site_Script_Inclusion.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment