SDLC (Software Development Life Cycle) – Phases & SSDLC (Secure Software Development Life Cycle)

Types of Testing & types of hackers

Cybersecurity, PT (Penetration Testing) – Types & Phases

CIA Triad & USF (Unified Security Framework) Client-Server Communication

Overview and basics of VAPT (Vulnerability Assessment and Penetration Testing)

OWASP TOP 10 overview

OWASP Security testing methodology

SANS Top 25 overview

Understanding difference between Static & Dynamic Applications thin & think client

Analysis of the application flow

Analysis of the application functionalities and their functional cycle

About Authentication Process Cycle

Understanding different login patterns

Introduction of Burp Suite

Authentication Bypass using SQL payloads

Login Brute force

User Enumeration and Hard Coded Credentials

Insecure Logout Implementation

Strict Transport Security Not Enforced

Testing OTP Length, Duration & Rate Limitation

Mobile/Email OTP Bombing

Leakage of OTP in Later Response

Response Tampering OTP Bypass

Testing IDOR – Token Based Authentication

Sending User Credentials using GET method

About User Registration Process Cycle

Testing Input Validation – XSS

Verification of Email address / Mobile Number

Weak Username or un-enforced policies

Weak password policies

About Password Reset Functionality Cycle

Testing authorization issue in-case of UID & Token

Testing Life time of reset link

Predictability of the token encryption (Base64 based encryption)

Testing password reset token expiration

About Sensitive Data Exposure depending on Application Category

Insecure Error Handling

Information disclosure via metadata

Insecure communication channel

Hidden/sensitive directories & files in robots.txt

Return of sensitive information in later responses (example: password, otp, other user’s private/sensitive information)

About API Communication

Authorization Header Analysis (Basic Authentication token Barer Token • None • Custom)

About JWT Token pattern

Un-Authenticated/Anonymous Access

Understanding the cookie Life Cycle

Weakness in cookie life cycle

Cookie with sensitive data

XSS via cookie

Missing HTTP only Flag

Missing Secure Flag Analysing authorization/privileges implementation through cookies

CRLF Injection

Host Header Injection

Cross Origin Resource Sharing

Click Jacking

URL Redirection

Testing for Insecure Logout Implementation

Testing for CSRF Vulnerability

Bypass Methods of CSRF Vulnerability

Concept of Access Control & RBAC

Insecure Direct Object Reference (IDOR)

Testing for Vertical Privilege Escalation

Testing Horizontal Privilege Escalation

Directory Traversal

Malicious file upload

Cross Site Scripting and CSV Injection

HTTP Parameter Solution

Remote Code Execution

SQL Injection

XML Injection / XXE

OS Command Injection

Testing for SSRF and Template Injection

About different payment methods Integration

About Payment Tampering Method

Straight Forward Payment Tampering

Add-on Based Payment Tampering

Coupon Based Payment Tampering

Longitude and Latitude based payment tampering (In Case of CAB booking, if validation process depends on Long & Lat)

Failure to Success Journey

HTTP Parameter pollution (In case of Amount parameter)

Getting High Benefits Features with Low Benefit cost (In case of Feature id)

Test with Fake DC/CC with CVV

Sensitive information Leakage

Insecure Direct Object Reference (Getting Booking & Billing Details, in case of E-Comers application)

Testing IDOR (In case QR Code generated based on ID value)

Bypassing Attaching Mandatory Entities

Outdated Framework /CRM/ WordPress

Enabled Directory Listing

Default accounts with default passwords

Reflected File Download

Accessing Default Files (i.e: phpmyadmin)

Web Cache Poisoning

Pixel Flood Attack

Overview of Network PT