Vulnerability Test English (en) français (fr)

From thinktank

Jump to: navigation, search
disambiguation
This is a stub page, in other words an article too short to provide more than rudimentary information about a subject. Anyone can edit a stub article, or remove a stub template from an article which is no longer a stub.

DIGIT offers 2 types of vulnerability tests:

black box testing
no access to source code is required; is not specific to a coding language; needs a working website (a target URL);
white box testing
requires access to source code; is dependent upon the coding language; no absolute need for a working application target (but it helps).

The vulnerabilities are classified in

  1. high,
  2. medium and
  3. low

risk

and also by type of processing: such as

  • "user interface input/output handling" or
  • "authentication and session management",
  • "access control" and
  • "business logic".
Personal tools