As a seasoned web application penetration tester, I've always felt that there should be a more straightforward way to classify web application vulnerabilities according to testing activities. This became even more apparent to me when I started to maintain our Professionally Evil Application Security (PEAS) course content. I found that I was in a different frame of mind when analyzing auth controls than when I was looking at an injection flaw or a logic flaw. To optimize my web application testing activities, I grouped them into focus areas, which we talked about briefly in the PEAS class even though it was somewhat informal. Over the past year I have pondered how my organizational system could potentially help other web app pentesters, and hence we now have the BILE Classification Scheme. This system aims to simplify the categorization of web application security vulnerabilities into four distinct categories: Bypass, Input Manipulation, Logic and Timing, and Exposure.
In my quest to create a classification scheme that's as simple as the word "BILE" itself (not the most appetizing acronym, I know, but it's memorable!), I've developed a whitepaper that delves into the ins and outs of this classification system. The whitepaper, titled "BILE Classification Scheme: Categorizing Web Application Security Vulnerabilities for Effective Testing and Analysis," explains the development, practical applications, and potential future enhancements of the BILE Classification Scheme. It also includes a crosswalk with OWASP Top 10 (2017 and 2021) and SANS CWE Top 25 to showcase its versatility and effectiveness.
I invite you to download the whitepaper and discover how the BILE Classification Scheme can help improve your web application penetration testing process. Here is the whitepaper:
So, fellow web app security enthusiasts, embark on this journey with me and explore the BILE Classification Scheme. I humbly look forward to your feedback.