1. Authentication
  1. Brute Force

  2. Insufficient Authentication

  3. Weak Password Recovery Validation

2. Authorization
  1. Credential/Session Prediction

  2. Insufficient Authorization

  3. Insufficient Session Expiration

  4. Session Fixation

3. Client-side Attacks
  1. Content Spoofing

  2. Cross-site Scripting

4. Command Execution
  1. Buffer Overflow
  2. Format String Attack
  3. LDAP Injection
  4. OS Commanding
  5. SQL Injection
  6. SSI Injection
  7. XPath Injection
5. Information Disclosure
  1. Directory Indexing

  2. Information Leakage

  3. Path Traversal

  4. Predictable Resource Location

6. Logical Attacks
  1. Abuse of Functionality

  2. Denial of Service

  3. Insufficient Anti-automation

  4. Insufficient Process Validation

Application Security assessment

Don’t forget about your applications. According to the latest research, 75% of the targeted attacks in 2008 where against web based applications and certain evidence suggests that 90% or more of the newly discovered vulnerabilities are application specific.

INFOSECPRO’s proprietary application testing methodology takes the view of a malicious hacker. Our Web-Application Security Assessment offers a comprehensive examination and testing of web-applications. INFOSECPRO attempts to breach the customer’s application via (either or both) secure or insecure channels simulating “unauthorized access” to critical and confidential data, system resources and also initiating functionality perversion.

Specifically, INFOSECPRO will:

  • Identify obvious and obscure system entry points.
  • Attempt to circumvent implemented access control mechanisms to gain access to restricted areas, critical and confidential data, system resources, covert channels and databases.
  • Determine the application’s susceptibility to compromise.
  • Identify and prioritize vulnerabilities and other problematic issues.
  • Deliver detailed recommendations designed to remedy deficiencies and secure the application.

Conducting source code reviews for security vulnerabilities is a great way to expose insecure code within applications or within critical components of applications. The intent is to mitigate the risk of coding errors or flaws in architectural design that can expose sensitive data as early in the development lifecycle as possible.

For a few pages of a report sample, please click here.

To receive your Free Application Vulnerability Assessment for testing of one attack vulnerability of your choice, please submit your payment of $999.00 for a second attack vulnerability test.
B E T T E R: Please submit your payment of $1999.00 for a complete Application Vulnerability Assessment covering over 25 attack methods.
Business Name:
Contact Information:
Email Address:
URL or IP address:

Other members of our business group:

COPYRIGHT (C) 2000 - 2013 InfoSecPro.com ALL RIGHTS RESERVED