OWASP NodeGoat Tutorial
Introduction
1. A1 - Injection
1.1. Server Side JS Injection
1.2. SQL and NoSQL Injection
2. A2-Broken Authentication and Session Management
2.1. Session Management
2.2. Password Guessing Attack
3. A3-Cross-Site Scripting (XSS)
4. A4-Insecure Direct Object References
5. A5-Security Misconfiguration
6. A6-Sensitive Data Exposure
7. A7-Missing Function Level Access Control
8. A8-Cross-Site Request Forgery (CSRF)
9. A9-Using Components with Known Vulnerabilities
10. A10-Unvalidated Redirects and Forwards