✍️
Writeups and Walkthroughs
HomeGitHubPortfolio Twitter/X Medium Cont@ct
  • ✍️Writeups and Walkthroughs
  • THM
    • Simple CTF
    • RootMe
    • Eternal Blue
    • Vulnversity
    • Pickle Rick
    • Brooklyn Nine Nine
    • Kenobi
    • Bounty Hacker
    • Overpass
    • LazyAdmin
    • Ignite
    • Bolt
    • Agent Sudo
    • Anonymous
    • Startup
    • Wgel
    • Lian_Yu
    • Blog
    • ColdBox
    • H4cked
    • Smag Grotto
    • Ice
    • Blaster
    • The Sticker Shop
    • 🔟OWASP
      • 1️⃣Injection
    • Active Directory Basics
    • Attacktive Directory
    • Post-Exploitation Basics
  • HackTheBox
    • Active
    • Devel
    • Delivery
    • Analytics
    • Bashed
    • Valentine
    • Sau
    • Sunday
    • Cap
    • Bizness
    • Chemistry %
  • Vulnhub
    • Brainpain (BoF)
  • DockerLabs
    • Trust
    • Upload
    • Vacaciones
  • DVWA
    • Install and configure DVWA
    • Command Injection
    • CSRF
    • File Inclusion
    • SQL Injection
    • SQLi Blind
  • Mutillidae II
    • Install & configure OWASP Mutillidae II
    • SQLi
      • SQLi Login Bypass
      • Extracting Data
      • Finding Number of Columns
      • Pivoting with SQL injection
    • Command Injection
      • Extracting User Accounts
      • Web Shell
    • IDOR & File Inclusion
      • Edit Another User's Profile
      • Extracting User Accounts
      • Extracting User Accounts with Local File Inclusion
      • Web Shell with Remote File Inclusion (RFI)
    • XSS
      • XSS Reflected
      • XSS Stored
      • XSS DOM-Based
  • Secure Bank
    • Install & configure Secure Bank
    • -----
      • SQLi Login Bypass
      • Extracting Data
      • Finding Number of Columns
      • Pivoting with SQL injection
    • -----
      • Extracting User Accounts
      • Web Shell
  • PortSwigger - Web Security Academy
    • Burp Suite Config
    • Information Disclosure
      • Information disclosure vulnerabilities
      • Common sources of information disclosure
        • Information disclosure in error messages
        • Information disclosure on debug page
        • Source code disclosure via backup files
        • Authentication bypass via information disclosure
        • Information disclosure in version control history
    • Essential skills
      • Obfuscating attacks using encodings
        • SQL injection with filter bypass via XML encoding
      • Using Burp Scanner
      • Identifying unknown vulnerabilities
    • Server-side vulnerabilities
      • Path traversal
        • File path traversal, simple case
      • Access control
        • Unprotected admin functionality
        • Unprotected admin functionality with unpredictable URL
        • User role controlled by request parameter
        • User ID controlled by request parameter, with unpredictable user IDs
        • User ID controlled by request parameter with password disclosure
      • Authentication
        • Username enumeration via different responses
        • 2FA simple bypass
      • Server-side request forgery (SSRF)
        • Basic SSRF against the local server
        • Basic SSRF against another back-end system
      • File upload vulnerabilities
        • Remote code execution via web shell upload
        • Web shell upload via Content-Type restriction bypass
      • OS Command Injection
        • OS command injection, simple case
      • SQL injection
        • SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
        • SQL injection vulnerability allowing login bypass
    • JWT Attacks
      • Json Web Tokens (JWT)
      • Exploiting JWT
        • JWT authentication bypass via unverified signature
        • JWT authentication bypass via flawed signature verification
        • JWT authentication bypass via weak signing key
        • To-Do
          • JWT authentication bypass via jwk header injection - %
          • JWT authentication bypass via jku header injection - %
          • JWT authentication bypass via kid header path traversal - %
    • API Testing
      • API Testing
        • Exploiting an API endpoint using documentation
        • Finding and exploiting an unused API endpoint
        • Exploiting a mass assignment vulnerability
      • Server-side parameter pollution
        • Exploiting server-side parameter pollution in a query string
    • Deserialization Insecure
      • Serialization vs Deserialization
        • Lab
        • Lab
      • Java Insecure Deserialization
        • Lab
        • Lab
      • PHP Insecure Deserialization
        • Lab
        • Lab
  • HomeMade Labs
    • Active Directory
      • AD Lab Setup
      • AD Enumeration
      • SMB Common Attacks
    • Pivoting
      • Pivoting Theory
      • Pivoting Guidelines
      • Lab (3 Targets)
    • Buffer Overflow (BoF)
      • BoF Theory
      • Brainpain (BoF Lab)
Powered by GitBook
On this page
  1. THM

OWASP

https://owasp.org/Top10/

PreviousThe Sticker ShopNextInjection

Last updated 2 years ago

The Open Worldwide Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation.

Methodology

This installment of the Top 10 is more data-driven than ever but not blindly data-driven. We selected eight of the ten categories from contributed data and two categories from the Top 10 community survey at a high level. We do this for a fundamental reason, looking at the contributed data is looking into the past. AppSec researchers take time to find new vulnerabilities and new ways to test for them. It takes time to integrate these tests into tools and processes. By the time we can reliably test a weakness at scale, years have likely passed. To balance that view, we use a community survey to ask application security and development experts on the front lines what they see as essential weaknesses that the data may not show yet.

There are a few critical changes that we adopted to continue to mature the Top 10.

  • Injection

  • Broken Authentication

  • Sensitive Data Exposure

  • XML External Entity

  • Broken Access Control

  • Security Misconfiguration

  • Cross-site Scripting

  • Insecure Deserialization

  • Components with Known Vulnerabilities

  • Insufficent Logging & Monitoring

🔟
OWASP
tryhackme.com - © TryHackMe