当前位置:网站首页>安全测试涉及的测试对象
安全测试涉及的测试对象
2022-07-06 09:13:00 【As。】
安全测试的关键点: 数据流,输入输出
测试对象:服务器、数据库、第三方服务及接口、web应用程序
1.应用程序的部署环境(服务器)
操作系统用户名以及密码的强度 操作系统用户
用户组以及权限设置
系统漏洞以及补丁
应用部署环境目录以及文件安全
防火墙以及网络端口设置
2.数据库
数据库服务器版本以及漏洞
用户名和密码设置
数据库的用户权限设置以及授权设置
数据库服务器端口以及网络连接设置
3.web应用安全测试
sql注入
表单漏洞
cookie欺骗
session测试
日志文件测试
跨站攻击
认证以及会话攻击
不安全对象直接引用攻击
4.第三方服务以及接口
服务系统版本以及漏洞
安全性配置测试
数据传输安全性测试
数据合法性测试 数据完整性测试
边栏推荐
- Global and Chinese markets for aprotic solvents 2022-2028: Research Report on technology, participants, trends, market size and share
- 虚拟机Ping通主机,主机Ping不通虚拟机
- Invalid default value for 'create appears when importing SQL_ Time 'error reporting solution
- 解决:log4j:WARN Please initialize the log4j system properly.
- Mysql33 multi version concurrency control
- CSDN-NLP:基于技能树和弱监督学习的博文难度等级分类 (一)
- A trip to Macao - > see the world from a non line city to Macao
- Ansible实战系列二 _ Playbook入门
- CSDN问答标签技能树(二) —— 效果优化
- Water and rain condition monitoring reservoir water and rain condition online monitoring
猜你喜欢
Win10: how to modify the priority of dual network cards?
Swagger、Yapi接口管理服务_SE
Mysql33 multi version concurrency control
MySQL主從複制、讀寫分離
[recommended by bloggers] C WinForm regularly sends email (with source code)
CSDN问答标签技能树(一) —— 基本框架的构建
【博主推荐】C#生成好看的二维码(附源码)
Some problems in the development of unity3d upgraded 2020 VR
CSDN markdown editor
MySQL22-逻辑架构
随机推荐
Postman uses scripts to modify the values of environment variables
Kubesphere - deploy the actual combat with the deployment file (3)
Pytoch LSTM implementation process (visual version)
Csdn-nlp: difficulty level classification of blog posts based on skill tree and weak supervised learning (I)
Ubuntu 20.04 安装 MySQL
[Li Kou 387] the first unique character in the string
Baidu Encyclopedia data crawling and content classification and recognition
[ahoi2009]chess Chinese chess - combination number optimization shape pressure DP
MySQL 20 MySQL data directory
Global and Chinese market of wafer processing robots 2022-2028: Research Report on technology, participants, trends, market size and share
Global and Chinese market of thermal mixers 2022-2028: Research Report on technology, participants, trends, market size and share
How to change php INI file supports PDO abstraction layer
记某公司面试算法题:查找一个有序数组某个数字出现的次数
CSDN Q & a tag skill tree (V) -- cloud native skill tree
Did you forget to register or load this tag 报错解决方法
CSDN问答标签技能树(一) —— 基本框架的构建
Solve the problem that XML, YML and properties file configurations cannot be scanned
MySQL18-MySQL8其它新特性
MySQL completely uninstalled (windows, MAC, Linux)
++Implementation of I and i++