3 thoughts on “Testing A Log In Page

  1. Pingback: Five Blogs – 20 February 2014 | 5blogs

  2. Pingback: Testing Bits – 2/16/14 – 2/22/14 | Testing Curator Blog

  3. Well the next thing I’d try is authentication bypass. i.e. pasting values into the URL and seeing if I can jump past the login screen and start using the system without actually logging in, It’s surprising how often that works.
    I’d also try exploiting the password reminder function, which is a subject in it’s own right for hackers!
    Number 26 is a classic SQL injection which should (but might not be) be detected by pattern matching in the Intrusion Prevention System. Try obfuscation to outwit it!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s