OWASP Top 10 - Master Pentest Guide

Aim: Single page to cover OWASP Top 10 vulns, exploitation and mitigation

This guide follows the OWASP Top 10 2017 list. A newer 2021 list is also available, so feel free to adapt it as you wish.

A1. Injections

A2. Broken Authentication

  • Re-registering a user. Let's say a user darren exists. Now we'll register using the username " darren" (with a space in front), and we'll be logged in to the original darren's account.

  • Brute-force.
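
The re-registration issue above, as an added example (not code from the original guide): a store that checks for duplicates on the raw username but keys records on the trimmed one, beside a version that canonicalizes once for every path. The cause of the flaw, all class and function names, and the extra case and Unicode folding (which goes beyond the leading-space case) are assumptions made for illustration.

```python
import hashlib, hmac, os, unicodedata

def canonical(username):
    """One canonical form, used for the uniqueness check AND every lookup."""
    name = unicodedata.normalize("NFKC", username).strip().casefold()
    if not name or any(ch.isspace() for ch in name):
        raise ValueError("invalid username")
    return name

def make_cred(password):
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def check_cred(cred, password):
    salt, digest = cred
    probe = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return hmac.compare_digest(digest, probe)

class VulnerableStore:
    """Assumed flaw: duplicate check on the raw string, storage key trimmed."""
    def __init__(self):
        self.users = {}

    def register(self, username, password):
        if username in self.users:        # " darren" != "darren", check passes
            return False
        self.users[username.strip()] = make_cred(password)  # replaces darren's record
        return True

    def login(self, username, password):
        cred = self.users.get(username.strip())
        return cred is not None and check_cred(cred, password)

class HardenedStore(VulnerableStore):
    """Same store, but every path goes through canonical()."""
    def register(self, username, password):
        key = canonical(username)
        if key in self.users:             # collision caught on the canonical form
            return False
        self.users[key] = make_cred(password)
        return True

    def login(self, username, password):
        try:
            cred = self.users.get(canonical(username))
        except ValueError:
            return False
        return cred is not None and check_cred(cred, password)
```

In a database-backed application the same guarantee comes from a unique constraint on the canonical column, so that concurrent registrations cannot race past the check.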
