OWASP: Difference between revisions
From charlesreid1
No edit summary |
|||
| Line 7: | Line 7: | ||
Their wiki is a good source of information: https://www.owasp.org/index.php/Category:OWASP_Guide_Project | Their wiki is a good source of information: https://www.owasp.org/index.php/Category:OWASP_Guide_Project | ||
==Top 10 | ==Top 10== | ||
Top web vulnerabilities: | Top web vulnerabilities: | ||
https://www.owasp.org/index.php/Top_10_2013 | 2013: https://www.owasp.org/index.php/Top_10_2013 | ||
https:// | 2017: https://owasp.org/www-project-top-ten/2017 | ||
2021: https://owasp.org/www-project-top-ten/ | |||
===2021 List=== | |||
* A01:2021 - Broken Access Control | |||
* A02:2021 - Cryptographic failures | |||
* A03:2021 - Injection | |||
* A04:2021 - Insecure design | |||
* A05:2021 - Security misconfiguration | |||
* A06:2021 - Vulnerable and outdated components | |||
* A07:2021 - Identification and authentication failures | |||
* A08:2021 - Software and data integrity failures | |||
* A09:2021 - Security logging and monitoring failures | |||
* A10:2021 - Server-side request forgery (SSRF) | |||
==Links== | ==Links== | ||
Revision as of 18:21, 20 May 2023
Owasp
What is it?
Wiki
Their wiki is a good source of information: https://www.owasp.org/index.php/Category:OWASP_Guide_Project
Top 10
Top web vulnerabilities:
2013: https://www.owasp.org/index.php/Top_10_2013
2017: https://owasp.org/www-project-top-ten/2017
2021: https://owasp.org/www-project-top-ten/
2021 List
- A01:2021 - Broken Access Control
- A02:2021 - Cryptographic failures
- A03:2021 - Injection
- A04:2021 - Insecure design
- A05:2021 - Security misconfiguration
- A06:2021 - Vulnerable and outdated components
- A07:2021 - Identification and authentication failures
- A08:2021 - Software and data integrity failures
- A09:2021 - Security logging and monitoring failures
- A10:2021 - Server-side request forgery (SSRF)
Links
http://wiki.securityweekly.com/wiki/index.php/Episode339
Flags
