Testing for Sensitive Information Sent via Unencrypted Channels
OWASP Web Security Testing Guide 4.2 > 9. Cryptography > 9.3. Testing for Sensitive Information Sent via Unencrypted Channels
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
9.3 | WSTG-CRYP-03 | Testing for Sensitive Information Sent via Unencrypted Channels | - Identify sensitive information transmitted through the various channels. - Assess the privacy and security of the channels used. - Check sensitive data during the transmission: • Information used in authentication (e.g. Credentials, PINs, Session, identifiers, Tokens, Cookies…), • Information protected by laws, regulations or specific organizational, policy (e.g. Credit Cards, Customers data) |