bs881026

What are the vulnerabilities in testing Web Service

Hi,
As a Salesforce tester, can anyone please help me understand what the vulnerabilities are when testing a web service in Salesforce?

Thanks.
Nagendra (Salesforce Developers)
Hi bs881026,

As a Salesforce tester, you need to understand the below vulnerabilities while testing a web service class.

1) Debug output: https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_debugging_API_calls.htm

2) Fuzzing: http://security.stackexchange.com/questions/124521/vulnerability-scanning-vs-fuzzing-a-web-application

3) XSS: https://developer.salesforce.com/docs/atlas.en-us.pages.meta/pages/pages_security_tips_xss.htm

4) SQLi: https://developer.salesforce.com/page/Secure_Coding_SQL_Injection

5) Malformed XML: https://www.soapui.org/security-testing/security-scans/malformed-xml.html

6) Malicious Attachment/File Upload: https://www.soapui.org/security-testing/security-scans/malicious-attachment.html

7) Improper Boundary Checking: https://cwe.mitre.org/data/definitions/119.html

8) XML Bomb (DoS): https://www.soapui.org/security-testing/security-scans/xml-bomb.html

9) Basic Authentication: https://www.acunetix.com/vulnerabilities/web/basic-authentication-over-http

10) SAML/OAuth/OpenID authentication: http://resources.infosecinstitute.com/saml-oauth-openid/

Please mark my solution as the best answer if it helps you.

Best Regards,
Nagendra.p