Test Defenses Against Application Misuse
OWASP Web Security Testing Guide 4.2 > 10. Business logic Testing > 10.7. Test Defenses Against Application Misuse
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
10.7 | WSTG-BUSL-07 | Test Defenses Against Application Misuse | - Generate notes from all tests conducted against the system.<br>- Review which tests had a different functionality based on aggressive input.<br>- Understand the defenses in place and verify if they are enough to protect the system against bypassing techniques.<br>- Measures that might indicate the application has in-built self-defense:<br>• Changed responses<br>• Blocked requests<br>• Actions that log a user out or lock their account |