...
What did you accomplish this past week?
I set up Burp and other tools, configured them with my browser. I explored the application’s features and started crawling.
I read the code and understood its flow. User manuals and security blogs helped me learn more.
I created a workspace in Notion to organize, document my work and keep track of security resources.
To save time and work more efficiently, I set up a remote desktop server to automate tasks.
I read API documentation, security blogs, and read disclosed reports of XSS and IDOR attacks. Used web archive to extract all end points and analyzed them.
What will you do this upcoming week?
I will start security research from next week, my focus will be on testing every feature and request. I will also find out some issues to work on. I will have a meeting with my mentor on Tuesday.
What obstacles are impeding your progress?
none
Would you like help from some mentor for this task?
nope
Kerlyn
What did you accomplish this past week?
Refine project proposal
Setup my test environment: Setup the Mifos X application on my local, and set up the fineract backend (I can now access the complete swagger documentation as well on my local)
Perform DAST Scan using Wapiti and Owasp Zap.
Analyze reports generated by vulnerability scanners (Wapiti and Owasp Zap).
Read Fineract swagger API documentation and test APIs.
Research on how to configure vulnerability scanning on Postman.
What will you do this upcoming week?
Begin Project Implementation by testing for :
Identification and authentication failures
Broken Access C
What obstacles are impeding your progress?
Would you like help from some mentor for this task?
...