Chapter 10. Mitigation of OWASP Top 10

In this chapter, we will cover:

  • A1 – Preventing injection attacks
  • A2 – Building proper authentication and session management
  • A3 – Preventing cross-site scripting
  • A4 – Preventing Insecure Direct Object References
  • A5 – Basic security configuration guide
  • A6 – Protecting sensitive data
  • A7 – Ensuring function level access control
  • A8 – Preventing CSRF
  • A9 – Where to look for known vulnerabilities on third-party components
  • A10 – Redirect validation

Introduction

The goal of every penetration test is to identify possible weak spots in applications, servers, or networks: weak spots that could give an attacker the opportunity to obtain sensitive information or privileged access. The reason to detect such vulnerabilities is ...
