Cyber Security Base - Course Project I
I made a web application to which users can register and log in to submit comments.
Logged-in users can log out, view their own profile, delete their own comments and
delete their account as well as create new comments.
The application includes five different security flaws from OWASP's 2013 10 Most Critical Web Application Security Risks
list (https://www.owasp.org/index.php/Top_10_2013-Top_10). The flaws are as follows:
A2 - Broken Authentication and Session Management
A3 - Cross-Site Scripting (XSS)
MY Bug Bounty Resources
2FA Bypass