Web Application Security - Password Reset Test Scenarios

authentication bypass test scenarios

This is one post in a series of blogs on web application security test scenarios. As we all know, web applications have become an integral part of our lives. People use web applications for most services. Customers register and store their personal data in companies' web applications. Attackers target web applications with many attacks. At the same time, organizations ask penetration testers to identify the loopholes/vulnerabilities existing in web applications before the attackers do.

As part of a security assessment, the penetration tester will perform different test scenarios to identify vulnerabilities. Today, I would like to list the test scenarios that can be tested for password reset functionality. I presume penetration testers know what is meant by password reset. If not, I kindly request you to google it and get a little hold of the concept.

Below is the mind map created for the password reset test scenarios.

Test Scenarios:

I have compiled these scenarios based on my assessment. However, I did not give screenshots for each scenario, since it would be a huge blog to go through.

I hope it is useful as a reference for penetration testing. I know there are multiple resources out there on the internet; you can add this reference along with the others. Hope this makes a little difference at least!!!

If you like the content, please follow me on Medium and LinkedIn.

LinkedIn: https://www.linkedin.com/in/pravin-r-p-oscp-28497712b/

OSCP/Security geek & researcher (Application/infrastructure/Mobile/cloud security)