Category: OWASP Top 10 training

Using components with known vulnerabilities

April 22, 2021 by thehackerish

Hello dear readers and welcome to this new OWASP Top 10 episode. Today, you will learn why using components with known vulnerabilities is bad, how to exploit it and how to mitigate it. So far, we’ve seen how you can write secure code which doesn’t expose security vulnerabilities. However, you might write 100% secure code …


Insecure Deserialization explained with examples

April 22, 2021 by thehackerish

Hello ethical hackers and welcome to this new episode of the OWASP Top 10 vulnerabilities series. In this blog post, you will learn about the Insecure Deserialization vulnerability. The plan is as follows: Insecure deserialization definition: this is where you will learn the key terminologies and concepts behind this vulnerability; Examples of insecure deserialization in different programming languages: …


Cross-site Scripting, XSS explained

April 22, 2021 by thehackerish

Hello ethical hackers! Welcome to this new episode of the OWASP Top 10 vulnerabilities series. In this article, you will learn about Cross-Site Scripting (XSS). I’ve prepared a free practical testing lab VM which contains the best vulnerable web applications. The best approach to learning hacking is practice! There is so much content addressing this subject, …


IDOR tutorial hands-on – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello ethical hackers and welcome again to this OWASP Top 10 training series. In this hands-on IDOR tutorial, you will practice what you’ve learned about the IDOR vulnerability we explored earlier. Specifically, you will leverage IDOR to: access other users’ data using simple IDs and UUIDs; impersonate other users; hunt for hard IDs; delete other …


Sensitive Data Exposure tutorial – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello and welcome to this new episode of the OWASP Top 10 training series. In this Sensitive Data Exposure tutorial, you will practice your skills on three challenges. If you have no idea about this vulnerability, I invite you to read this blog post which explains Sensitive Data Exposure in detail. Make sure to subscribe …


Broken Authentication and Session Management tutorial

April 22, 2021 by thehackerish

Hello and welcome to this new episode of the OWASP Top 10 training series. In this Broken Authentication and Session Management tutorial, you will put your knowledge into action on hands-on attack examples. If you don’t know the theory behind this vulnerability, I highly recommend you read it first and then come back. In this …


SQL injection examples for practice

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 training series. In this blog post, you are going to practice your skills on some SQL injection examples. In the first SQL injection example, we will exploit an error-based use case. Then, we are going to exploit a blind use case in the second SQL …
