Day 76: 05 November 2020
Completed both courses (in French):
In the second course, we talk about computer security.
This topic should not be underestimated, especially when dealing with sensitive data.
The top ten web vulnerabilities identified by OWASP :
- Injection: it allows the injection of arbitrary code to perform actions that will be interpreted by the application. To block this kind of attack, it is possible to use secure functions or to validate user input.
- Session hacking: this occurs when the authentication system has been bypassed, for example by using brute force techniques. To protect against this type of attack, it is necessary not only to force users to use strong passwords, but also to secure the use of session cookies, for example.
- Exposure of sensitive data: this occurs in the event of a data leak, for example. To protect against this type of attack, it will be necessary to use encryption solutions to secure data in transit and data stored on the application.
- External XML (XXE) entities: XXE vulnerabilities can be used to access data internal to the application that is not normally accessible. To prevent this type of attack, it is possible to disable external entities.
- Bypassing access controls: Access controls can be used to prevent a user from accessing another user's data. To prevent an attacker from exploiting this vulnerability, ensure that all pages in your application have authentication controls.
- Wrong security configurations: These can be the source of many attacks. Be sure to keep your application components up to date to prevent a vulnerability from being exploited.
- Unsecured deserialization: this vulnerability can allow an attacker to carry out a privilege escalation, replay or injection attack. To avoid this type of attack, it is possible to implement controls on the state of the code.
- The use of components containing known vulnerabilities: an application is based on many components. To avoid the exploitation of a vulnerability, it will be necessary to keep up to date and identify the components of your application.
- The lack of monitoring and logging: monitoring and logging will allow to detect an intrusion or suspicious behavior as soon as possible. Regularly check your logs and set up reports.
Unfortunately this course is mostly theoretical with a lot of blah blah blah blah.
Years ago I saw on the internet some vulnerable web applications created with the sole purpose of doing penetration tests. At that time I was not able to create a web application, so I had no interest in that.
One of them was Damn Vulnerable Web Application (DVWA)
Today I did a research on the subject and found several resources that are much more interesting than DVWA.
They are all based on the same concept: training to hack a web application.
But only one caught my keen interest …
OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP.
I think I just found my side-project.
**Link to tweet:**