Cornucopia 9

NB: The key concept for this card is protection of administrative web interfaces such as Content Management System (CMS), database and server web control panels.

How to play?

Michael can bypass the application to gain access to data because administrative tools or administrative interfaces are not secured adequately

Mappings

Owasp ASVS (4.0): 1.4.3 ,1.4.5 ,4.3.1

Capec: 122 ,233

Owasp SCP: 23,29,56,81,82,84,85,86,87,88,89,90

Owasp Appsensor:

Safecode:

ASVS (4.0) Cheatsheetseries Index

ASVS V1.4 - Access Control Architectural Requirements

ASVS V4.3 - Other Access Control Considerations

Attacks

Cross-Site Scripting (XSS)

Password Guessing/Brute Force Attacks

Social engineering attack

Session Hijacking (Man-in-the-Middle)

Loading comments 0%

View source on GitHub