- Hands-On Application Penetration Testing with Burp Suite
- Carlos A. Lozano, Dhruv Shah, Riyaz Ahemed Walikar
- 100 words
- 2021-07-02 12:16:38
Various business logic flaws
Every application has its own logic for getting its functions done. Business logic is generally the set of steps required to complete a job. For example, a user who wants to purchase a product on a shopping site has to follow a series of steps:
- Select an item
- Specify the quantity of the product
- Enter delivery information
- Enter card details
- Complete payment gateway procedures
- Purchase complete
- Delivery pending
- Delivery complete
As you can see, a lot of steps are involved, and this is where an automated scanner fails.
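The step list above, as an added example (not code from the book): a server-side check that each request arrives in the listed order and carries a sane quantity. Every request here is well-formed on its own, so the flaw only shows in the sequence. The `Order` class, the step identifiers and the sample sequences are assumptions constructed for illustration.

```python
# Added example: server-side enforcement of the purchase workflow listed above.
# Step names mirror the list; the Order class and its API are hypothetical.
STEPS = [
    "select_item", "specify_quantity", "enter_delivery", "enter_card",
    "payment_gateway", "purchase_complete", "delivery_pending", "delivery_complete",
]

class WorkflowError(Exception):
    """Raised when a request is well-formed but violates the business logic."""

class Order:
    def __init__(self):
        self.done = []        # steps completed so far, in order
        self.quantity = None

    def advance(self, step, **data):
        if step not in STEPS:
            raise WorkflowError(f"unknown step: {step}")
        # The only acceptable step is the one directly after the last completed one.
        expected = STEPS[len(self.done)] if len(self.done) < len(STEPS) else None
        if step != expected:
            raise WorkflowError(f"step {step!r} out of order, expected {expected!r}")
        if step == "specify_quantity":
            qty = data.get("quantity")
            # Reject non-integers, booleans, zero and negative quantities.
            if not isinstance(qty, int) or isinstance(qty, bool) or qty < 1:
                raise WorkflowError(f"invalid quantity: {qty!r}")
            self.quantity = qty
        self.done.append(step)
        return step

def replay(requests):
    """Apply (step, data) requests to a fresh order; return (accepted, error)."""
    order = Order()
    for step, data in requests:
        try:
            order.advance(step, **data)
        except WorkflowError as exc:
            return order.done, str(exc)
    return order.done, None

# Constructed sample sequences for exercising the check.
NORMAL = [(s, {"quantity": 2} if s == "specify_quantity" else {}) for s in STEPS]
SKIP_PAYMENT = NORMAL[:4] + [("purchase_complete", {})]
NEGATIVE_QTY = [("select_item", {}), ("specify_quantity", {"quantity": -1})]

if __name__ == "__main__":
    for name, seq in [("normal", NORMAL), ("skip", SKIP_PAYMENT), ("qty", NEGATIVE_QTY)]:
        print(name, replay(seq))
```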