Important WebApp Secure Code Review Assessment Keywords
Distributed by TestInsane - www.testinsane.com
Authentication
password
impersonate
get.Local.Host()
Session Management
cookie.secure
secure
httpOnly
requireSSL
timeout
method
Encryption
RC4
md5
keyGen
random
base64
Error Codes
On Error
Exception
catch
system.out.printline
Data Transmission
get
trace
allowNetworking
http
allowDomain()
allowScriptAccess
Information Disclosure
Debug
trace()
master
visa
method="GET"
location.href
cc
stacktrace
Database Security
execute
delete
executeQuery
Server.Create.Object
GetString
SqlDataAdapter
Input Validation - Injection Attack
InputStream
FileInputStream
java.io.FileReader
java.io.FileWriter
java.io.File
request.url
request.files
request.getParameter
FlashVar
getURL()
navigateToURL()
Output Validation - XSS and Other Attacks
respone.write
UrlEncode
HtmlEncode
innerHTML