Transporte 1.1.1.21

Índice

Teste	Referência OWASP	Resultado
Review Webpage Comments and Metadata for Information Leakage	OTG-INFO-005	Ok
Test Application Platform Configuration	OTG-CONFIG-002	na
Test File Extensions Handling for Sensitive Information	OTG-CONFIG-003	Ok
Review Old, Backup and Unreferenced Files for Sensitive Information	OTG-CONFIG-004	F
Test HTTP Methods	OTG-CONFIG-006	na
Test HTTP Strict Transport Security	OTG-CONFIG-007	F
Test RIA cross domain policy	OTG-CONFIG-008	na
Test Role Definitions	OTG-IDENT-001	na
Test User Registration Process	OTG-IDENT-002	na
Test Account Provisioning Process	OTG-IDENT-003	na
Testing for Account Enumeration and Guessable User Account	OTG-IDENT-004	Ok
Testing for Credentials Transported over an Encrypted Channel	OTG-AUTHN-001	F
Testing for default credentials	OTG-AUTHN-002	Ok
Testing for Weak lock out mechanism	OTG-AUTHN-003	na
Testing for Bypassing Authentication Schema	OTG-AUTHN-004	Ok
Testing for Vulnerable Remember Password	OTG-AUTHN-005	na
Testing for Browser cache weakness	OTG-AUTHN-006	Ok
Testing for Weak password policy	OTG-AUTHN-007	na
Testing for weak password change or reset functionalities	OTG-AUTHN-009	na
Testing for Weaker authentication in alternative channel	OTG-AUTHN-010	na
Testing Directory traversal/file include	OTG-AUTHZ-001	Ok
Testing for Bypassing Authorization Schema	OTG-AUTHZ-002	F
Testing for Privilege escalation	OTG-AUTHZ-003	Ok
Testing for Insecure Direct Object References	OTG-AUTHZ-004	F
Testing for Session Management Schema	OTG-SESS-001	F
Testing for cookies attributes	OTG-SESS-002	Ok