Trending Vulnerabilities with Insights to OWASP TOP 10

This talk covers information about the trending vulnerabilities with insights to OWASP TOP 10 (2017) and how to approach them in my way.

Harsh Bothra

May 27, 2021

Transcript

  1. Trending Vulnerabilities with Insights to OWASP TOP 10 By – Harsh Bothra
  2. Who-Am-I? Cyber Security Consultant @RedHuntLabs; Core Pentester @Cobalt.io; Lazy Bug Bounty Hunter – Bugcrowd | Synack | Private; Author | Blogger | Speaker; Creator @ProjectBheem; Going through #Learn365
  3. AGENDA: INTRODUCTION TO APPLICATION SECURITY; OWASP TOP 10; TRENDING VULNERABILITIES; HUNTING : MY WAY
  4. Introduction to Application Security

  5. Application Security – Tech Classification: Web Application; Mobile Application; APIs; Thick Clients
  6. OWASP TOP 10: Injection; Broken Authentication; Sensitive Data Exposure; XML External Entities; Broken Access Control; Security Misconfiguration; Cross-Site Scripting; Insecure Deserialization; Using Component with Known Vulnerabilities; Insufficient Logging and Monitoring
  7. Commonly Identified Vulnerabilities: Sensitive Information in JS & Public Resources; Broken Access Controls; Authorization Check Bypass & Privilege Escalations; Server-Side Request Forgery; Cross-Site Scripting; Business Logic Abuse
  8. Trending Vulnerabilities: GraphQL Vulnerabilities; WebSocket Vulnerabilities; OAuth Vulnerabilities; SAML Vulnerabilities; NoSQL Injection; Cache Based Vulnerabilities; Bypasses JWT
  9. Approaching Trending Vulnerabilities Hunting – My Way!

  10. TIPS & TRICKS!

  11. GET IN TOUCH AT: Twitter: @harshbothra_; LinkedIn: /in/harshbothra; Instagram: @harshbothra_; SpeakerDeck: /harshbothra; Email: hbothra22@gmail.com
  12. Thank you!