OWASP Top 10
WHAT IS OWASP TOP 10?
Open Web Application Security Project
It is a non-profit charitable organisation which works towards the security of web applications. They gather information from all around the globe through a CTF initiative: they openly challenge the whole hacking community to hack into an online system and capture the flag, and in return they provide a bounty. They gather the logs of the attacks performed in the CTF, analyse these logs, and categorise the attacks accordingly. They then release a list of 10 attacks.

OWASP TOP 10 --> top 10 attacks.
A1 - Injection
A2 - Broken Authentication and Session Management
A3 - Cross-Site Scripting (XSS)
A4 - Insecure Direct Object References
A5 - Security Misconfiguration
A6 - Sensitive Data Exposure
A7 - Missing Function Level Access Control
A8 - Cross-Site Request Forgery (CSRF)
A9 - Using Components with Known Vulnerabilities
A10 - Unvalidated Redirects and Forwards

OWASP 2013 --> Stable
https://www.owasp.org/index.php/Top_10_2013-Top_10
OWASP 2017 --> Data sufficient
https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf

Live demonstration of threat maps (links):
https://cybermap.kaspersky.com/
https://www.fireeye.com/cyber-map/threat-map.html
http://map.norsecorp.com/
=====================================================================