OWASP Top ๐ 2017
Kaustubh RaiTable of contents
- Day 1 - Injection
- Day 2 - Broken Authentication
- Day 3 - Data Exposure
- Day 4 - XML External Entity
- Day 5 - Broken Access Control
- Day 6 - Security Misconfiguration
- Day 7 - Cross-Site Scripting
- Day 8 - Insecure Deserialization
- Day 9 - Components with Known Vulnerabilities
- Day 10 - Insufficeint Logging and Monitoring
Every cyber-security enthusiast has once come upon these terms OWASP Top 10.
The Top 10 here means Top 10 Vulnerablities, the greatest software risks for any Web Application. OWASP is just an online community/non profit foundation that helps to improve the security of software for free.
To combat said vulnerablities and protect your website, TryHackMe provides a room to pratice these vulnerabilities and teach you about each vulnerability. How it occurs and how to exploit it. Link for the room - THM OWASP Top 10 Room
I practiced this room a while back and wrote posts on Linkedin on how to solve each challenge. This is a culmination for all those posts in one place.
This is a mind map for all the things that are taught in that room.
(Mindmap much bigger than this. Click THIS)
Day 1 - Injection
Day 2 - Broken Authentication
Day 3 - Data Exposure
Day 4 - XML External Entity
Day 5 - Broken Access Control
Day 6 - Security Misconfiguration
Day 7 - Cross-Site Scripting
Day 8 - Insecure Deserialization
Day 9 - Components with Known Vulnerabilities
Day 10 - Insufficeint Logging and Monitoring
OWASP Top 10, this is just one of the concepts that one needs to learn in protecting thier application. There are many other vulnerabilites present and all of this can be learned through THM.
Subscribe to my newsletter
Read articles from Kaustubh Rai directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Kaustubh Rai
Kaustubh Rai
Application Security Engineer