Testing for Weak Transport Layer Security
OWASP Web Security Testing Guide 4.2 > 9. Cryptography > 9.1. Testing for Weak Transport Layer Security
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
9.1 | WSTG-CRYP-01 | Testing for Weak Transport Layer Security | - Validate the server configuration (Identify weak ciphers/protocols (ie. RC4, BEAST, CRIME, POODLE) - Review the digital certificate's cryptographic strength and validity. - Ensure that the TLS security is not bypassable and is properly implemented across the application. |