- Hands-On Application Penetration Testing with Burp Suite
- Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar
- 100 words
- 2021-07-02 12:16:38
Various business logic flaws
Every application has its own set of logic to get some functions done. Business logic is generally a set of steps required to get a job completed. Let's take an example where, if a user wants to purchase a product on a shopping site, they have to follow a series of steps:
- Select an item
- Specify the quantity of the product
- Enter delivery information
- Enter card details
- Complete payment gateway procedures
- Purchase complete
- Delivery pending
- Delivery complete
As you can see, a lot of steps are involved and this is where an automated scanner fails.
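The step order above is an application-specific rule, so it has to be enforced by the application itself. The following is an added example, not code from the book: a server-side workflow guard that only accepts the next step in the sequence, shown beside a handler that trusts whatever step the request names. The `Order` class, `naive_advance`, `run` and the step identifiers are hypothetical names derived from the list above.

```python
# Added example: server-side enforcement of the purchase workflow order.
# Step identifiers mirror the list above; every class and function name is hypothetical.
STEPS = [
    "select_item", "specify_quantity", "enter_delivery_info",
    "enter_card_details", "complete_payment", "purchase_complete",
    "delivery_pending", "delivery_complete",
]


class WorkflowError(Exception):
    """Raised when a request names a step that is not the next one due."""


class Order:
    def __init__(self):
        self.completed = []  # progress is tracked server-side, never taken from the request

    def next_step(self):
        done = len(self.completed)
        return STEPS[done] if done < len(STEPS) else None

    def advance(self, step):
        # Hardened form: accept only the step that follows the last completed one.
        expected = self.next_step()
        if step != expected:
            raise WorkflowError(f"expected {expected!r}, got {step!r}")
        self.completed.append(step)
        return self.next_step()


def naive_advance(order, step):
    # Weak form, for contrast: records any step the request names, in any order.
    order.completed.append(step)
    return step


def run(requested_steps):
    """Replay a constructed request sequence; return (accepted, steps_completed)."""
    order = Order()
    try:
        for step in requested_steps:
            order.advance(step)
    except WorkflowError:
        return False, list(order.completed)
    return True, list(order.completed)


# Constructed sample sequences: one follows the workflow, one jumps ahead.
IN_ORDER = list(STEPS)
OUT_OF_ORDER = ["select_item", "specify_quantity", "purchase_complete"]
```

A unit test that replays both sequences gives the application a regression check for a rule that a generic scanner has no way to know.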