An introductory project in computer security, focused on the web: you will dissect a vulnerable website. In doing so, you will develop your own way of thinking about security in a web application and become aware of the problems caused by simple development "errors", seen from both a programming and a design point of view.
- 00_page_survey :
  - data validation
- 01_page_feedback :
  - stored xss
- 02_admin :
  - htpasswd
  - data leak
- 03_hidden :
  - data leak
- 04_page_redirect :
  - unvalidated redirect
- 05_page_member :
  - sql injection
  - full path disclosure
- 06_page_searchimg :
  - sql injection
- 07_page_signin :
  - brute force attack
  - sql injection
- 08_page_recover :
  - bad design
- 09_page_upload :
  - unrestricted file upload
- 10_cookie :
  - cookie poisoning
- 11_headers :
  - referer spoofing
- 12_page_etc_passwd :
  - path traversal
- 13_page_media :
  - reflected xss