Kontra OWASP Top 10 for Web
KONTRA's OWASP Top 10 developer security training is inspired by real-world vulnerabilities and case studies. We have created a series of interactive application security training modules to help developers understand, identify and mitigate security vulnerabilities in their applications.
- Capital One SSRF
- Clickjacking
- Command Injection
- Components with Known Vulnerabilities
- Cross-Site Request Forgery
- Directory Traversal
- DOM XSS
- Forced Browsing
- Horizontal Privilege Escalation
- Host Header Injection
- Insecure URL Redirect
- Leftover Debug Code
- Log4j JNDI Injection (NEW)
- Personally Identifiable Data in URL
- Reflected Cross Site Scripting
- Ruby rest-client Backdoor
- Session Fixation
- SQL Injection
- Stored Cross Site Scripting
- TikTok Cross Site Scripting
- Token Exposure in URL
- User Enumeration
- Vertical Privilege Escalation
- Weak Randomness
- XML Entity Injection