mirror of
https://github.com/0x5t4l1n/hunting.git
synced 2026-05-26 11:35:51 +00:00
copilot-swe-agent[bot]
ab9c127df3
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
608 B
608 B
A04 - Insecure Design
Description
Insecure design is a broad category representing different weaknesses expressed as "missing or ineffective control design." The difference between insecure design and insecure implementation is that design flaws are inherent to the application's architecture.
Common Vulnerabilities
- Missing security controls
- Insufficient threat modeling
- Insecure design patterns
- Business logic flaws
- Missing rate limiting
Testing Approach
Test business logic flows, analyze application architecture, and look for missing security controls or flawed design patterns.