1. Authentication
  1. Brute Force

  2. Insufficient Authentication

  3. Weak Password Recovery Validation

2. Authorization
  1. Credential/Session Prediction

  2. Insufficient Authorization

  3. Insufficient Session Expiration

  4. Session Fixation

3. Client-side Attacks
  1. Content Spoofing

  2. Cross-site Scripting

4. Command Execution
  1. Buffer Overflow
  2. Format String Attack
  3. LDAP Injection
  4. OS Commanding
  5. SQL Injection
  6. SSI Injection
  7. XPath Injection
5. Information Disclosure
  1. Directory Indexing

  2. Information Leakage

  3. Path Traversal

  4. Predictable Resource Location

6. Logical Attacks
  1. Abuse of Functionality

  2. Denial of Service

  3. Insufficient Anti-automation

  4. Insufficient Process Validation

Contact Info:

Telephone: 732-763-2814

tibi@infosecpro.com or service@infosecpro.com

Founded in 2001, InfoSecPro.com provides security across networks, systems, applications and policies to continually improve our customers’ security postures. Our propitiatory methodology employs a wide range of tools, 3rd party products and techniques which can be delivered anywhere in the World.

InfoSecPro.com is privately held, with the principles holding key management positions.

Company Profile

InfoSecPro.com delivers various programs which assist client organizations with the planning and implementation of security policies, legal and regulatory mandate compliance, network security architecture, 3rd party validation of network and application security posture, penetration testing and forensic analysis.

InfoSecPro.com offers a comprehensive suite of services designed to take a holistic approach to client security.  InfoSecPro.com combination of expertise, technology and tested methodologies provide the highest level of quality assurance for identifying and responding to security risks and incidents, offering our customers unrivaled service and reporting metrics.

Customer Profile

InfoSecPro.com clients consist of Fortune 1000 companies and Small & Medium Enterprises (SME’s) within Financial Services, Healthcare, Utility, Manufacturing, Retail, Logistics and Legal industries.  Our vendor neutral approach for continual security posture improvement is a welcomed approach when operating within complex and varied technical environments.

Strategic Partners

InfoSecPro.com maintains a vendor agnostic approach while conducting security assessments. Our knowledgeable consultants continually update their understanding of current and emerging technologies in order to make informed recommendations dependent on individual client needs.

Through our Strategic Partner program, InfoSecPro.com maintains close relationships with key individuals; both technical and management, in order to keep up with a complex and rapidly changing threat environment.  This collaborative approach enables our clients to quickly implement security solutions that most appropriately assess and mitigate risk in sophisticated enterprise-class environments.

To receive your Free Application Vulnerability Assessment for testing of one attack vulnerability of your choice, please submit your payment of $999.00 for a second attack vulnerability test.

Business Name:
Contact Information:
Email Address:

Other members of our business group:

COPYRIGHT (C) 2000 - 2013 InfoSecPro.com ALL RIGHTS RESERVED