OWASP Top 10 | TryHackMe

What is the OWASP Foundation?

  • Injection
  • Broken Authentication
  • Sensitive Data Exposure
  • XML External Entity
  • Broken Access Control
  • Security Misconfiguration
  • Cross-site Scripting
  • Insecure Deserialization
  • Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring

Task 5: [Severity 1] Command Injection Practical

  1. Start the machine
  2. Start the AttackBox or VPN

Task 7: [Severity 2] Broken Authentication Practical

Task 11: [Severity 3] Sensitive Data Exposure (Challenge)

Task 13: [Severity 4] XML External Entity — eXtensible Markup Language

Task 14: [Severity 4] XML External Entity — DTD

Task 16: [Severity 4] XML External Entity — exploiting

Task 18: [Severity 5] Broken Access Control (IDOR Challenge)

Task 19: [Severity 6] Security Misconfiguration

Task 20: [Severity 7] Cross-Site-Scripting

Task 21: [Severity 8] Insecure Deserialization

Task 22: [Severity 8] Insecure Deserialization Objects

Task 23: [Severity 8] Insecure Deserialization — Deserialization

Task 24: [Severity 8] Insecure Deserialization — cookies

Task 25: [Severity 8] Insecure Deserialization — cookies practical

Task 29: [Severity 9] Components With Known Vulnerabilities — Lab

Task 30: [Severity 10] Insufficient Logging and Monitoring

Cyber security engineer
