A starter Guide To Pentesting with OWASP

A starter Guide To Pentesting with OWASP

 what is OWASP ?

the open web application security  project is  an online community that produces freely -available  articles , methodologies , documentations , tools, and technologies in the field of WEB APPLICATION SECURITY .

OWASP TOP 10

1. Injection 

 * SQL,NoSQL,LDAP,OS,etc.

2. Broken Authentication 

3.Sensitive Data Exposure 

4.XML External Entities (XXE)

5.Broken Access Control

6.Security Misconfiguration

7.Cross-Site Scripting XSS

8.Insucure Deserialization 

9.Using Component's with known Vulnerabilities

10.Insufficient Logging & Monitoring