...
What did you accomplish this past week?
Worked on fixing fineract issues.
Tested "create group" and , "closing entries" and “client” API's.
Tested for response manipulation, CSRF, Business Logic errors.
Had a meet with mentor discussing progress.
What will you do this upcoming week?
test remaining apis
configure mobile wallt to proxy tool - test for auth issues
Next week, my plan is to test the remaining APIs. The first step will be to extract all the API URL's and their parameters from the web app, create users with different privileges, and then use automated workflows from Trickest to test for OWASP Top 20.
What obstacles are impeding your progress?
None
Would you like help from some mentor for this task?
Not as of now
Ed to get scall scheduled with godfrey and security team.
...