Aller au contenu principal

OWASP

OWASP

Online Website for practicing OWASP TOP 10 (updated) ✨

OWASP Top10 is a valuable resource for anyone involved in web application security and is widely recognized as a key reference for identifying and mitigating the most critical security risks.

Hacksplaining is a useful resource for anyone who wants to understand the basics of web application security and learn how to protect themselves and their systems from potential attacks.

✅1. Broken Access Control ·
📎 Broken Access Control >> https://lnkd.in/gY6XAZyM
📎Directory Traversal >> https://lnkd.in/gk6vwQrV
📎 Cross-site Request Forgery >> https://lnkd.in/gP27xvXh
✅2. Cryptographic Failures · https://lnkd.in/gVvU9kyB
✅3. Injection · https://lnkd.in/g3cBNnU4
✅4. Insecure Design · https://lnkd.in/ge-4eVh7
📎 Information leak >> https://lnkd.in/gjKgGjpz
📎 File Upload Vulnerabilities > https://lnkd.in/g6GD8ZzU
✅5. Security Misconfiguration · https://lnkd.in/gA4Xepmq
✅6. Vulnerable and Outdated Components · https://lnkd.in/gAEYKNPa
✅7. Identification and Authentication Failures ·
📎 Password Management >> https://lnkd.in/gQTWWKEX
📎 Privilege Escalation >> https://lnkd.in/ga49VgvX
📎 User Enumeration >> https://lnkd.in/gsp336GQ
📎 Session Fixation >> https://lnkd.in/gBy2qB-6
📎 Weak Session IDS >> https://lnkd.in/gBgPB6Wg
✅8. Software and Data Integrity Failures ·
📎 Software and data integrity failures relate to code and infrastructure that does not protect against integrity violations. An example is when an application relies upon plugins, libraries, or modules from untrusted sources, repositories, and content delivery networks (CDNs).
✅9. Security Logging and Monitoring Failures · https://lnkd.in/gx3i92V5
✅10. Server-Side Request Forgery · https://lnkd.in/gsQpgbaA

Source: https://lnkd.in/gcb95RSk

#owasp #owasptop10 #cybersecurity #webapplicationsecurity #pentesting #blueteam #redteam #applicationsecurity