Top 10 Business Logic Attack Vectors

White Paper: Attacking and exploiting the top 10 business logic attack vectors

This new white paper, developed by our research team, describes how to attack and exploit the 10 most common business logic flaws. Application business logic flaws are specific to the application, potentially very damaging, and difficult to test. They must be tested by humans, defy easy categorization, and can be more art than science to discover.

This white paper details the 10 most common business logic attack vectors with specific instructions, real-world examples and code snippets that demonstrate how to test and exploit these types of vulnerabilities.

Top 10 Business Logic Attack Vectors:

  • Authentication flags & privilege escalations
  • Critical parameter manipulation & access to unauthorized information/content
  • Developer’s cookie tampering & business process/logic bypass
  • LDAP parameter identification & critical infrastructure access
  • Business constraint exploitation
  • Business flow bypass
  • Exploiting client-side business routines embedded in JavaScript, Flash or Silverlight
  • Identity or profile extraction
  • File or unauthorized URL access & business information extraction
  • Denial of Service (DoS) with business logic
