Testing for Bypassing Authorization Schema
OWASP
OWASP Web Security Testing Guide 4.2 > 5. Authorization Testing > 5.2. Testing for Bypassing Authorization Schema
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
5.2 | WSTG-ATHZ-02 | Testing for Bypassing Authorization Schema | Assess if horizontal or vertical access is possible; access to administrative functions by force browsing (/admin/addUser). |
See my notes
- Broken access control: What it is. How this attack works. Attack classification. Types of databases. Payloads. Dictionaries.