OAuth 2.0 Pentest Checklist
Here's a list of things to keep in mind as part of an OAuth 2.0 penetration testing engagement.
Syn Cubes Team - May 25, 2021
Word Ahead
This is a visual alternative to the IETF OAuth 2.0 Security Best Current Practice publication, combined with knowledge from various other public resources we found useful.
We use this checklist as part of our testing routine for OAuth 2.0 implementations.
Checklist
Other Security Considerations
Client App Security
Resource Servers
OAuth 2.0 Penetration Testing - High Quality Image
[*] Download picture
OAuth 2.0 Pentest Checklist Mindmap - CherryTree Version
[*] Download file