Web Application Penetration Testing Tutorial For Beginners

What is Parameter Tampering and Temptation Attack in Penetration Testing & Cybersecurity?

Understanding Parameter Temptation and Tampering

Parameter temptation is a process where the parameters found during pentesting are tampered with or modified to change the output. 

Sometimes, the hackers manipulate the URL parameters to find the details or data that was supposed to remain unavailable to end-users. The risks of the parameter temptation depend on which parameters are being tampered with. 

The aim of doing parameter temptation can be to access the files above the web root, find database information and run arbitrary OS commands. 

For example, attackers try parameter temptation of eCommerce sites to change the pricing of the product being ordered. 

Testing Advance Parameter Temptation

Testing Advance Parameter Temptation

Test your knowledge with a quick quiz!

The process of changing the value of the parameter for manipulating output is called?

Select the correct answer

PreviousPhases of Web Penetration Testing
NextWhat is SQL Injection (SQLi) Attack in Website & Web Application? Explained
Did you find this article helpful?