#owasp-top-10

5d ago · 27 min read · 1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Weak Session IDs in DVWA

Apr 12 · 16 min read · 1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

Join discussion

HAHardik Arorahardik0811arora.hashnode.dev

0

🛡️Educonnect: A Deep Dive into Cloud-Native Security & K3s Orchestration

Mar 29 · 5 min read · "If you can't measure it, you can't secure it." In this post, I’m pulling back the curtain on the EduConnect CI/CD pipeline. We aren't just looking at code; we are looking at real-time security telem

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

JavaScript Attacks in DVWA

Mar 26 · 21 min read · 1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the J

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

API Security in DVWA

Mar 21 · 29 min read · 1 Introduction In this post, the API Security vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks across all security levels is to exploit weaknesses in

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Authentication Vulnerabilities: Strategic Defense and Organizational Controls (Part 4)

Mar 16 · 18 min read · In the previous parts of this series, we discussed the authentication vulnerability from the developer’s point of view. We discussed password requirements based on NIST guidelines, rate limiting using

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

CSP Bypass in DVWA

Mar 14 · 16 min read · 1 Introduction In this post, the Content Security Policy (CSP) Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the

Join discussion

EEEmma Engströmpentesting-dvwa.hashnode.dev

0

File Upload in DVWA

Mar 12 · 15 min read · Introduction This post demonstrates how a file upload vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to achieve remote code execution. The objective of the attack is to u

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Authentication Vulnerabilities in Java: Session Management & Advanced Security (Part 3)

Mar 10 · 22 min read · In Part 1, we discussed the requirements of passwords according to NIST recommendations, various methods of rate limiting using sliding window and exponential backoff, and ways to avoid enumeration of

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Authorisation Bypass in DVWA

Mar 8 · 13 min read · 1 Introduction In this post, the Authorisation Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where a

Join discussion

Tag feed

Tag feed

#owasp-top-10

Trending tags this week