52ky 发表于 2022-9-21 11:01:21

WEB安全性测试测试用例(基础)

WEB安全性测试测试用例(基础)WEB安全性测试测试用例(基础)建立全体的威胁模型,测试溢出漏洞、信息泄露、错误管理、SQL注入、身份验证和授权错误.1.输入验证客户端验证服务器端验证(禁用脚本调试,禁用Cookies)1.输入很大的数(如4,294,967,269),输入很小的数(负数)2.输入超长字符,如对输入文字长度有限制,则测试超越限制,刚好抵达限制字数时有何反响3.输入特别字符,如:~!@#$%^
()_+lt;gt;:”{}4.输入中英文空格,输入字符串中间含空格,输入首尾空格5.输入特别字符串NULL,null,0x0d0x0a6.输入正常字符串
WEB安全性测试测试用例(基础).doc

(WEB security test test case (basic) WEB security test test case (basic) establishes an overall threat model, and tests overflow vulnerabilities, information leakage, error management, SQL injection, authentication and authorization errors. 1. Input verification client verification Server-side verification (disable script debugging, disable Cookies) 1. Enter a large number (such as 4,294,967,269), enter a small number (negative number) 2. Enter extra long characters, if there is a limit on the length of the input text, the test exceeds the limit , what's the reaction when the limit is reached 3. Enter special characters, such as: ~!@#$%^
()_ lt;gt;:"{}4. Enter Chinese and English spaces, enter spaces in the middle of the input string, enter spaces at the beginning and end 5. Enter special strings NULL, null, 0x0d0x0a6. Enter normal strings
WEB security test test case (basic).doc)




页: [1]
查看完整版本: WEB安全性测试测试用例(基础)