monitornodejstestversion v0.2.9

auto-protect-expressjs-security-

Web Application Security Dashboard

This repository contains a collection of security vulnerabilities and attack vectors commonly found in web applications. The data is organized into categories, each containing a list of use cases related to that category.

Categories

Broken Authentication and Session Management

Injection

• Application is vulnerable to Command injection attack
• Application is vulnerable to HTML injection attack
• Application is vulnerable to iframe injection attack
• Application is vulnerable to SQL Injection
• Application is vulnerable to XML injection

SSL

• SSL Information

Error Message

• Server Error Message

Insecure Direct Object References

• Directory listing is enabled on the server
• HTTP parameter pollution
• The remote server contains a 'robots.txt' file

Security Misconfiguration

• Application accepts arbitrary methods
• Dangerous HTTP methods are enabled on the server
• OPTIONS method enabled

Sensitive Data Exposure

• An adversary can fingerprint the web server from the HTTP responses
• An adversary can harvest email ids for spamming
• Application's server side source code disclosure
• Critical information in URL
• Default web-page present in the server
• Sensitive data is accessible from cache
• Sensitive information revealed in HTTP response
• Cleartext Password returned in login response

Unvalidated Redirects and Forwards

• The application is vulnerable to a URL redirection flaw

Cross-Site Scripting (XSS)

• Application is vulnerable to cross frame scripting
• Application is vulnerable to Cross Site Scripting attack
• Application is vulnerable to stored Cross Site Scripting attack
• Is XSS possible via CSS injection?

Miscellaneous Attacks

• Application accepts special characters as user inputs
• Auto-complete is enabled for sensitive fields
• captcha can be bypassed
• Captcha is not implemented for publicly available forms
• click jacking
• Default/Test files found on the web server
• Developer comments revealed in page source
• Email Flooding
• Insecure administrator login name
• Server Side input validations are not in place
• Temporary account lockout feature is not implemented
• Weak auditing and logging mechanisms
• DOS using sql wildcards
• OTPs and credentials communicated in clear text on emails
• Can Registrations override another user's record or username or email address?
• Can Profile updations override another user's record or username or email address, thereby taking over another user's identity?
• Submit a valid username and invalid password and see if the application has already created a valid session even though login process generated an error response
• Vulnerabilities in known components

Sensitive Data stored in local storage

• Is sensitive data or session token stored in local data storage of browser?

Weak Cross domain policy

• Is "allow-access-from domain" in cross-domain.xml policy file set to * or unauthorized domains?
• Is "Origin" header in client request validated at the server?
• Is "Access-Control-Allow-Origin" header in server response is set securely?

XML External Entity Attack

• Is "allow-access-from domain" in cross-domain.xml policy file set to * or unauthorized domains?