Meaning of Certified Secure Web Application Security Test Checklist

    • #177670
      duken_d
      Participant

      Hi, I am a beginner in the pen testing subject. I found a Secure Web Application Security Test Checklist on Google, but the meaning of some of the test cases is not clear to me.

      Is there some source where I can find a more detailed description of their meaning?

      Example:

      What is the meaning of "Test for accessible debug functionality" within the Information Disclosure section?

    • #177808
      Michael J. Conway
      Participant

      While testing a web application, does it give you debugging information? Does it present a stack trace? Or does it give you a generic error message? That is what that check is looking for. Sometimes web applications leave debug set to true when they get moved to production. The result is that a user is given the stack trace when an error is encountered rather than a generic error message. That stack trace can indicate the technologies or other information about what the application is running on that should not be disclosed.
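
The distinction described in this reply (stack trace versus generic error message) can be checked automatically. The following is an added example, not part of the original thread: it classifies HTTP responses by looking for stack-trace signatures. The signature list and the sample responses are constructed assumptions and are not exhaustive.

```python
import re

# Assumed, non-exhaustive signatures of verbose error output. Each pattern is
# meant to match only un-handled exception pages, not ordinary page text.
SIGNATURES = {
    "python-traceback": re.compile(r"Traceback \(most recent call last\):"),
    "java-stack-frame": re.compile(r"^\s*at [\w.$]+\([\w$]+\.java:\d+\)", re.M),
    "php-error": re.compile(r"(?:Fatal error|Warning|Notice): .+ in \S+ on line \d+"),
    "aspnet-error-page": re.compile(r"Server Error in '.*' Application"),
}

def find_debug_leaks(body):
    """Return the sorted labels of all debug signatures present in body."""
    return sorted(label for label, rx in SIGNATURES.items() if rx.search(body))

def classify(status, body):
    """Classify one response as debug-disclosure, generic-error or ok."""
    leaks = find_debug_leaks(body)
    if leaks:
        return "debug-disclosure", leaks   # finding for the checklist item
    if status >= 500:
        return "generic-error", []         # error occurred, nothing leaked
    return "ok", []

# Constructed sample responses: (status code, response body).
SAMPLES = {
    "python_debug_on": (500, "<h1>ZeroDivisionError</h1>\n"
                             "Traceback (most recent call last):\n"
                             '  File "/srv/app/views.py", line 42, in report\n'
                             "    ratio = total / count\n"),
    "java_debug_on": (500, "java.lang.NullPointerException\n"
                           "\tat com.example.shop.CartServlet.doGet(CartServlet.java:57)\n"),
    "generic_error": (500, "<h1>Something went wrong</h1><p>Reference: 7f3a</p>"),
    # Ordinary page that contains the word "Warning" but no file/line details.
    "normal_page": (200, "<p>Warning: stock is low</p>"),
}

def run_samples():
    """Classify every constructed sample and return {name: (verdict, leaks)}."""
    return {name: classify(status, body) for name, (status, body) in SAMPLES.items()}

if __name__ == "__main__":
    for name, (verdict, leaks) in run_samples().items():
        print(f"{name:16} {verdict:17} {', '.join(leaks)}")
```

A response classified as `debug-disclosure` in production is the finding the checklist item describes; `generic-error` is the expected behaviour when debug is disabled.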


Copyright ©2020 Caendra, Inc.