Pentesting cryptographic parameters
Applications where information is being sent to third parties, such as endpoints from shopping portal to payment gateway information, such as credit card details, the information is encrypted by a mutually agreed upon key. An automated scanner will not be able to scan such instances. If any endpoint is left exposed accidentally by the application, then by manual analysis, the pentester can test these cryptographic parameters for vulnerabilities.
推薦閱讀
- Mastering Kali Linux for Advanced Penetration Testing
- 移動APT:威脅情報分析與數據防護
- 黑客攻防與網絡安全從新手到高手(絕招篇)
- 數據要素安全:新技術、新安全激活新質生產力
- End to End GUI Development with Qt5
- 信息技術基礎:提高篇·實驗與習題
- 數字政府網絡安全合規性建設指南:密碼應用與數據安全
- Mastering Python for Networking and Security
- Hands-On Artificial Intelligence for Cybersecurity
- 云計算安全防護技術
- 數字銀行安全體系構建
- 2010年中國互聯網網絡安全報告
- 互聯網域名國際化與安全技術導論
- 網絡安全攻防技術實戰
- 網絡安全應急響應基礎理論及關鍵技術