search

1. Web Application Security Standards and Best Practices

hashtag
OWASP TOP 10 - 2021

Website: https://owasp.org/Top10/arrow-up-right

A01: 2021 - Broken Access Control A02: 2021 - Cryptographic Failures A03: 2021 - Injection A04: 2021 - Insecure Design A05: 2021 - Security Misconfiguration A06: 2021 - Vulnerable and Outdated Components A07: 2021 - Identification and Authentication Failures A08: 2021 - Software and Data Integrity Failures A09: 2021 - Security Logging and Monitoring Failures A10: 2021 - Server-Side Request Forgery (SSRF)

NOTE: It's important to know that even though a web application might appear vulnerable to any of the bugs in case it cannot be exploited because of some other configuration the report wouldn't be accepted as a good one.

hashtag
CWE - Common Weakness Enumeration

Website: https://cwe.mitre.org/index.htmlarrow-up-right

CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.

Top 25 Most Dangerous Software Weaknesses as of 2023:

  1. Out-of-Bounds Write

  2. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  3. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

  4. Use After Free

  5. Impropert Neutralization of Special Elements in an OS Command ('OS Command Injection')

  6. Improper Input Validation

  7. Out-of-bounds Read

  8. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

  9. Cross-Site Request Forgery (CSRF)

  10. Unrestricted Upload of File with Dangerous Type

  11. Missing Authorization

  12. NULL Pointer Dereference

  13. Improper Authentication

  14. Integer Overflow Wraparound

  15. Deserialization of Untrusted Data

  16. Improper Neutralization of Special Elements used in a Command ('Command Injection')

  17. Improper Restriction of Operations within the Bounds of a Memory Buffer

  18. Use of Hard-Coded Credentials

  19. Server-side Request Forgery (SSRF)

  20. Missing Authentication for Critical Function

  21. Concurrent Execution using Shared Resource with improper Synchronization ('Race Condition')

  22. Improper Privilege Management

  23. Improper Control of Generation of Code ('Code Injection')

  24. Incorrect Authorization

  25. Incorrect Default Permissions

IMPORTANT STUDY NOTES WHEN EXPLORING A BUG

  • Go on OWASP TOP 10 - Pick a type of BUG

  • Go on CWE - explore everything from that bug and how it looks in code

  • Optional - go on BurpAcademy study that specific type of bug

  • Deepen your understanding by checking other resources or blogs that talk about this

  • OWASP Top 10 - also has a deeper dive into bugs and more important how to SANITIZE against them.

SANS - May be a better interface to browse through CWEs

Website: https://www.sans.org/top25-software-errors/arrow-up-right

PreviousIntroductionNext2. Pentesting vs Bug Bounty Hunting