1. Authentication
  1. Brute Force

  2. Insufficient Authentication

  3. Weak Password Recovery Validation

2. Authorization
  1. Credential/Session Prediction

  2. Insufficient Authorization

  3. Insufficient Session Expiration

  4. Session Fixation

3. Client-side Attacks
  1. Content Spoofing

  2. Cross-site Scripting

4. Command Execution
  1. Buffer Overflow
  2. Format String Attack
  3. LDAP Injection
  4. OS Commanding
  5. SQL Injection
  6. SSI Injection
  7. XPath Injection
5. Information Disclosure
  1. Directory Indexing

  2. Information Leakage

  3. Path Traversal

  4. Predictable Resource Location

6. Logical Attacks
  1. Abuse of Functionality

  2. Denial of Service

  3. Insufficient Anti-automation

  4. Insufficient Process Validation

Security assessment

Security assessment should be an integral part of any Information Security Management System. Security controls selected during the risk management process and later implemented should be regularly tested for efficiency and effectiveness, thereby ensuring their proper implementation and fulfillment of security requirements.

Security assessments are performed by a qualified and experienced team of information security experts. The quality and proficiency of our security assessment services is recognized among many of our clients. Particular attention is paid to the security research area where our research team have discovered multiple vulnerabilities in various commercial and open source products. By investing in security research, InfoSecPro.com is making an active contribution to global information security. This ultimately benefits our clients and others enabling them to protect their systems.

Security assessments will vary by the extent, methods and the complexity which can be determined by the business and the security requirements of the assessed system. Business critical systems, such as public available servers, databases, business applications etc. are commonly submitted for extensive testing, while less critical elements like client workstations are usually tested using faster and simpler methods.

InfoSecPro.com provides the following security assessment services for our clients:

For a few pages of a report sample, please click here.

To receive your Free Application Vulnerability Assessment for testing of one attack vulnerability of your choice, please submit your payment of $99.00 for a second attack vulnerability test.

B E T T E R: Please submit your payment of $999.00 for a complete Application Vulnerability Assessment covering over 25 attack methods.

Business Name:
Contact Information:
Email Address:
URL or IP address:

Other members of our business group:
Ethanol-Bio-Fuel.com | USRenewableConsultant.com | Computer Penetration Testing
Counter Competitive Intelligence Security Company | Mobile Devices Security | WiMax Security
Press Release Distribution | Security Engineering | HIPAAConsultant.us

COPYRIGHT (C) 2000 - 2007 InfoSecPro.com ALL RIGHTS RESERVED