update methodology snippet

2020-04-14 18:55:46 +02:00
parent 5e41ff24da
commit 215bec9fac
1 changed files with 4 additions and 1 deletions
--- a/xml/source/snippets/report/methodology.xml
+++ b/xml/source/snippets/report/methodology.xml
@@ -43,7 +43,10 @@
        has been obtained (either legitimately though provided credentials, or
        via vulnerabilities). This may be done surreptitiously (for example to
        try to evade intrusion detection systems or rate limits) or by more
-        aggressive brute-force methods.
+        aggressive brute-force methods. This step also consist of manually testing the
+        application against the latest (2017) list of OWASP Top 10 risks. The discovered 
+        vulnerabilities from scanning and manual testing are moreover used to further elevate
+        access on the application. 
      </li>
    </ol>
  </section>