This is an introductory computer security project focused on the web, in which you dissect a vulnerable website. In doing so, you will develop your own way of thinking about security in a web application and become aware of the problems caused by simple development "errors", seen from both a programming and a design point of view.
- 00_page_survey: data validation
- 01_page_feedback: stored xss
- 02_admin: htpasswd, data leak
- 03_hidden: data leak
- 04_page_redirect: unvalidated redirect
- 05_page_member: sql injection, full path disclosure
- 06_page_searchimg: sql injection
- 07_page_signin: brute force attack, sql injection
- 08_page_recover: bad design
- 09_page_upload: unrestricted file upload
- 10_cookie: cookie poisoning
- 11_headers: referer spoofing
- 12_page_etc_passwd: path traversal
- 13_page_media: reflected xss