OWASP: Difference between revisions
From charlesreid1
No edit summary |
(→Top 10) |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
=Owasp= | |||
What is it? | |||
==Wiki== | |||
Their wiki is a good source of information: https://www.owasp.org/index.php/Category:OWASP_Guide_Project | |||
==Top 10== | |||
https://owasp.org/Top10/ | |||
Top web vulnerabilities: | |||
2013: https://www.owasp.org/index.php/Top_10_2013 | |||
2017: https://owasp.org/www-project-top-ten/2017 | |||
2021: https://owasp.org/www-project-top-ten/ | |||
===2021 List=== | |||
* A01:2021 - Broken Access Control | |||
* A02:2021 - Cryptographic failures | |||
* A03:2021 - Injection | |||
* A04:2021 - Insecure design | |||
* A05:2021 - Security misconfiguration | |||
* A06:2021 - Vulnerable and outdated components | |||
* A07:2021 - Identification and authentication failures | |||
* A08:2021 - Software and data integrity failures | |||
* A09:2021 - Security logging and monitoring failures | |||
* A10:2021 - Server-side request forgery (SSRF) | |||
==Links== | |||
http://wiki.securityweekly.com/wiki/index.php/Episode339 | |||
=Flags= | |||
{{KaliFlag}} | |||
Latest revision as of 18:21, 20 May 2023
Owasp
What is it?
Wiki
Their wiki is a good source of information: https://www.owasp.org/index.php/Category:OWASP_Guide_Project
Top 10
Top web vulnerabilities:
2013: https://www.owasp.org/index.php/Top_10_2013
2017: https://owasp.org/www-project-top-ten/2017
2021: https://owasp.org/www-project-top-ten/
2021 List
- A01:2021 - Broken Access Control
- A02:2021 - Cryptographic failures
- A03:2021 - Injection
- A04:2021 - Insecure design
- A05:2021 - Security misconfiguration
- A06:2021 - Vulnerable and outdated components
- A07:2021 - Identification and authentication failures
- A08:2021 - Software and data integrity failures
- A09:2021 - Security logging and monitoring failures
- A10:2021 - Server-side request forgery (SSRF)
Links
http://wiki.securityweekly.com/wiki/index.php/Episode339
Flags
