Generalized test cases for security testing web applications RRS feed

  • Question

  • Can any body share the test cases used for security testing of web applications. Like to test XSS vulnerability one should perform the below test:

    Enter the string: "<script>alert('hello')</script>"  in the text  box and submit to the SERVER, If the server responds back with a pop-up box that says "hello", then the Web site is vulnerable to cross site scripting

    A similar suggestion is given by Rashmi at http://social.msdn.microsoft.com/Forums/is/softwaretesting/thread/65fa0f25-1f25-4c13-92f4-9c35ffd46d74 so if Rashmi or any one can share an exhaustive list then that would really help. 

    somen das
    Friday, July 22, 2011 8:18 AM