Random thoughts from Adrien


  • Dump the contents of all JSON arrays, or just flag that a ton of data is being pushed down but not displayed
  • List all hidden or disabled fields
  • Collect all cookies
  • Flag cookies that might be used for session management with stupidly short values?
  • Try to identify potential CSRF (predictable parameters)
  • Identify potential CRLF injection (HTTP response splitting)
  • Identify if client-side validation is being pushed down to the browser
  • Possibly more information disclosure checks
  • Clear text passwords
  • Forms with autocomplete
  • Directory indexes, or directories that allow uploads
  • A general check for files known to have common vulnerabilities?
  • Fingerprint server, frameworks, ...
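As an added example (not Adrien's code, nor any existing tool), here is a small passive checker in Python for a few of the items above: hidden and disabled fields, autocomplete left on for password fields, password forms that post over plain HTTP, and session-looking cookies with short values. The session-name regex, the 16-character threshold and the sample response are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from http.cookies import SimpleCookie

MIN_SESSION_COOKIE_LEN = 16                              # assumed threshold
SESSION_NAME = re.compile(r"sess|sid|auth|token", re.I)  # assumed name heuristic

class FormAudit(HTMLParser):
    # Collects hidden/disabled inputs, password fields allowing autocomplete,
    # and password fields inside forms whose action is plain http://.
    def __init__(self):
        super().__init__()
        self.findings = []
        self.form = None                 # attributes of the enclosing <form>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}   # bare attrs (disabled) -> ""
        if tag == "form":
            self.form = a
        elif tag == "input":
            name, kind = a.get("name", "?"), a.get("type", "text").lower()
            if kind == "hidden":
                self.findings.append(f"hidden field {name}={a.get('value', '')}")
            if "disabled" in a:
                self.findings.append(f"disabled field {name}")
            if kind == "password":
                form = self.form or {}
                off = "off" in (form.get("autocomplete", "").lower(),
                                a.get("autocomplete", "").lower())
                if not off:
                    self.findings.append(f"autocomplete allowed on password field {name}")
                if form.get("action", "").lower().startswith("http://"):
                    self.findings.append(f"password field {name} posted over clear-text HTTP")

    def handle_endtag(self, tag):
        if tag == "form":
            self.form = None

def audit_cookies(set_cookie_headers):
    # Collect every cookie; flag session-looking names with short values.
    findings = []
    for header in set_cookie_headers:
        for name, morsel in SimpleCookie(header).items():
            findings.append(f"cookie {name}={morsel.value}")
            if SESSION_NAME.search(name) and len(morsel.value) < MIN_SESSION_COOKIE_LEN:
                findings.append(f"short session cookie {name} ({len(morsel.value)} chars)")
    return findings

def audit_response(headers, body):
    # Run the passive checks over one response; returns a list of findings.
    parser = FormAudit()
    parser.feed(body)
    return parser.findings + audit_cookies(headers.get("Set-Cookie", []))

# Constructed sample response for illustration, not captured traffic.
SAMPLE_HEADERS = {"Set-Cookie": ["PHPSESSID=4231; Path=/", "theme=dark"]}
SAMPLE_BODY = ('<form action="http://example.test/login">'
               '<input type="hidden" name="role" value="admin">'
               '<input type="text" name="user" disabled>'
               '<input type="password" name="pw"></form>')
```

Calling `audit_response(SAMPLE_HEADERS, SAMPLE_BODY)` returns seven findings for the sample, one per check plus the two plain cookie listings.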