A6 Sensitive Data Exposure

A6 SENSITIVE DATA EXPOSURE

Introduction

Sensitive data exposure focuses on the datas that can be found online. With security misconfiguration focusing on the server and the website, sensitive data exposure focuses on the information that can be gathered by the search engines or through sniffing the network.

Tools needed:

BurpSuite
Google advance search

Video

Password viewed in plaintext

Other possible methods:

Some tips of solving the vulnerability is to:

Encrypt sensitive variables before the packet leaves the computer
Have robot.txt to prevent crawling from search engines and spiders
Educate users on phishing website

Home

A6 SENSITIVE DATA EXPOSURE

Introduction

Tools needed:

Video

PENETRATION