Questions tagged [owasp]
For questions about OWASP products or the practices of the organization. Do not use just because the vulnerability you are asking about is included on the OWASP Top Ten list.
169 questions
0 votes, 1 answer, 56 views
Can you escalate an allow list bypass in OWASP Juice Shop?
I am studying some pentesting using OWASP Juice Shop as a target, and this vulnerability is bothering me because it seems to have zero impact besides phishing. I could redirect the user to a website made ...
-2 votes, 1 answer, 214 views
What is the recommended XML secure configuration to prevent XXE?
I want to write down, as security requirements, the recommended security configurations that should be applied to any XML parser.
I checked the OWASP cheatsheet (https://cheatsheetseries.owasp.org/...
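The question above asks how an XML parser should be configured against XXE. As an added example (not part of the question, and not code from the OWASP cheat sheet), the Python snippet below uses only the standard library's `xml.sax` parser and applies the cheat sheet's primary recommendation: refuse any document that carries a DOCTYPE, so no entities, internal or external, can be declared at all, and additionally switch off external general and parameter entity resolution. The default parser is kept alongside it so the difference is visible on a constructed document with an internal entity. The documents, the `DoctypeNotAllowed` exception and the helper names are assumptions made for this example.

```python
"""Hardened XML parsing with the stdlib: reject DOCTYPE, disable external entities.

Added example; the documents below are constructed for illustration.
"""
from io import BytesIO
import xml.sax
from xml.sax import handler


class DoctypeNotAllowed(ValueError):
    """Raised when the parser meets a DOCTYPE declaration (assumed name)."""


class _TextCollector(handler.ContentHandler):
    """Collects character data so the test can see what the parser produced."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


class _RejectDTD:
    """Minimal LexicalHandler: abort the parse as soon as a DOCTYPE starts.

    Without a DOCTYPE there is no place to declare an entity, internal or
    external, so XXE and entity-expansion attacks are cut off at the root.
    """

    def startDTD(self, name, public_id, system_id):
        raise DoctypeNotAllowed(f"DOCTYPE {name!r} is not permitted")

    # The remaining LexicalHandler callbacks are no-ops; `comment` is needed
    # so that a benign document containing a comment still parses.
    def endDTD(self):
        pass

    def startEntity(self, name):
        pass

    def endEntity(self, name):
        pass

    def startCDATA(self):
        pass

    def endCDATA(self):
        pass

    def comment(self, content):
        pass


def parse_text(xml_bytes, hardened=True):
    """Return the concatenated text content of `xml_bytes`.

    hardened=True  -> DOCTYPE rejected, external entities off (recommended)
    hardened=False -> stdlib defaults, for comparison only
    """
    parser = xml.sax.make_parser()
    collector = _TextCollector()
    parser.setContentHandler(collector)
    if hardened:
        parser.setFeature(handler.feature_external_ges, False)   # no external general entities
        parser.setFeature(handler.feature_external_pes, False)   # no external parameter entities
        parser.setProperty(handler.property_lexical_handler, _RejectDTD())
    parser.parse(BytesIO(xml_bytes))
    return "".join(collector.chunks)


def is_rejected(xml_bytes):
    """True if the hardened parser refuses the document because of a DOCTYPE."""
    try:
        parse_text(xml_bytes, hardened=True)
    except DoctypeNotAllowed:
        return True
    return False


# Constructed sample documents (assumptions for this example).
BENIGN_DOC = b"<?xml version='1.0'?><order><!-- note --><item>apple</item></order>"
ENTITY_DOC = b"<!DOCTYPE r [<!ENTITY x 'secret'>]><r>&x;</r>"

if __name__ == "__main__":
    print(parse_text(BENIGN_DOC))                    # apple
    print(parse_text(ENTITY_DOC, hardened=False))    # secret  (entity expanded by the default parser)
    print(is_rejected(ENTITY_DOC))                   # True    (hardened parser refuses the DOCTYPE)
```

Rejecting the DOCTYPE outright is stricter than only disabling external entities, but it is what the cheat sheet recommends first: it also removes internal-entity expansion attacks, and almost no application-level XML exchange legitimately needs a DTD. If a DTD must be accepted, keep the two `setFeature` calls and add an expansion limit in the parser you use.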
1 vote, 1 answer, 559 views
Why are the unsafe challenges in OWASP Juice Shop a security risk in containerized environments? [duplicate]
OWASP Juice Shop is a popular tool for web security training, demos and learning. I am using the provided Docker container and hosting it on a dedicated computer. However, there are certain challenges ...
0 votes, 1 answer, 443 views
OWASP dependency checker is not reporting vulnerabilities that VS.Net reports
We are using OWASP dependency check on a Jenkins build server to check for vulnerabilities in .Net solutions. For this, we installed the OWASP Dependency-Check on Jenkins. These checks run overnight, ...
0 votes, 1 answer, 247 views
Are all stateless authentication systems vulnerable to IDOR?
I have recently been introduced to the Insecure Direct Object Reference vulnerability (https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html) with ...
0 votes, 0 answers, 2k views
How to pentest Blazor Server apps?
I am trying to pentest a Blazor Server app, but it's very different from a traditional web app: the client communicates with the server via SignalR over WebSockets. The messages in the WebSockets are MessagePack ...
0 votes, 1 answer, 425 views
Double Submit Cookie Bypass
I am trying to work on an example for my class on how the double submit cookie pattern works and how attackers can bypass it.
The idea I have is that I have two domains, att.com and victim.com. The login functionality on ...
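The question above is about demonstrating the double submit cookie pattern and a bypass of it. As an added example (not the questioner's setup and not code from OWASP), the Python below puts the naive check beside the signed variant that the OWASP CSRF cheat sheet recommends, and simulates the one bypass the naive form is known to have: an attacker who can plant a cookie on the victim's browser for the target origin simply sets the cookie and the form field to the same value. The server key, session identifier and the `simulate_cookie_injection` helper are assumptions made for this example; the question's own att.com / victim.com scenario is not modelled.

```python
"""Naive vs. signed double submit cookie CSRF tokens (added example).

Naive: token in cookie must equal token in form field; nothing binds it to the
server, so any value the attacker can plant in both places passes.
Signed: cookie value is HMAC(server_key, session_id + nonce) || nonce, so a
planted value fails unless the attacker knows the server key.
"""
import hashlib
import hmac
import secrets

# Hypothetical per-deployment secret; never leaves the server.
SERVER_KEY = secrets.token_bytes(32)


def issue_naive_token():
    """Random value placed in both the cookie and the hidden form field."""
    return secrets.token_hex(16)


def naive_check(cookie_token, form_token):
    """Classic double submit: pass if the two copies match."""
    return hmac.compare_digest(cookie_token, form_token)


def issue_signed_token(session_id, key=SERVER_KEY):
    """Signed double submit: mac.nonce, mac bound to the user's session."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(key, f"{session_id}!{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{mac}.{nonce}"


def signed_check(session_id, cookie_token, form_token, key=SERVER_KEY):
    """Pass only if both copies match AND the MAC verifies for this session."""
    if not hmac.compare_digest(cookie_token, form_token):
        return False
    try:
        mac, nonce = cookie_token.split(".", 1)
    except ValueError:
        return False
    expected = hmac.new(key, f"{session_id}!{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def simulate_cookie_injection(session_id):
    """Attacker plants the same attacker-chosen value in cookie and form.

    Returns (naive_result, signed_result); the naive check is fooled,
    the signed check is not because the attacker cannot produce the MAC.
    """
    planted = "0123456789abcdef.attackernonce"   # looks token-shaped, MAC is bogus
    return (naive_check(planted, planted),
            signed_check(session_id, planted, planted))


if __name__ == "__main__":
    sid = "session-42"                           # assumed session identifier
    t = issue_signed_token(sid)
    print(signed_check(sid, t, t))               # True  (legitimate request)
    print(signed_check("session-99", t, t))      # False (token from another session)
    print(simulate_cookie_injection(sid))        # (True, False)
```

The signed variant costs one HMAC per request and needs no server-side token storage, which is the whole point of double submit in the first place; binding the token to the session identifier also stops a token captured from one user from being replayed against another.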
1 vote, 1 answer, 398 views
Verbose Headers/Information Leakage via HttpResponse Headers vs fingerprinting via named headers
I understand that a header like X-Powered-By can reveal details about the operating environment that can be used to find known vulnerabilities because you often get the language and compiler/...
0 votes, 1 answer, 855 views
Compatibility of ModSecurity Core Rule Set 4
The OWASP Core Rule Set has many versions; the latest is version 4.0 (release candidate), but I cannot find any indication of compatibility with the various ModSecurity releases.
Could these be used with ...
3 votes, 2 answers, 565 views
Benefits of certificate pinning to leaf with intermediate as a backup?
According to the OWASP Cheat Sheet on Certificate Pinning, their recommendation is to pin to the leaf certificate, but also pin to the intermediate CA as a backup.
Any security measure is only as good ...
1 vote, 2 answers, 1k views
ModSecurity / CRS: Need custom rule to deal with false positive (user-inserted HTML formatted listings)
ModSecurity 3.0.8
ModSecurity-Nginx 1.0.3
CRS 4.0.0-rc1
I have a marketplace where sellers can list anything for sale. On the "item description" section, we allow users to copy and paste ...
0 votes, 2 answers, 3k views
Execution error - PCRE limits exceeded
I have a problem when implementing ModSecurity and CRS. Here is the issue; I hope someone can give us some guidance on resolving it.
Apache version :
Server version: Apache/2.4.29 (Ubuntu) Server ...
1 vote, 1 answer, 210 views
Interpreting OWASP prohibition: no sensitive-account login to any frontend interface
OWASP’s Authentication Cheat Sheet states unequivocally:
Do NOT allow login with sensitive accounts (i.e. accounts that can be used internally within the solution such as to a back-end / middle-ware /...
0 votes, 1 answer, 320 views
Is using newsequentialid bad?
I found a project that uses T-SQL's newsequentialid() for one of their external ID columns which is used for public APIs.
When that column is added to an existing table, each row gets an incremented ...
2 votes, 0 answers, 110 views
Normative reference for a web application disclosing existing values of integration secrets to users
In a web-based SaaS product, one of the configuration pages allows users to set credentials for system-wide integrations with other products. These include usernames, passwords, and API secrets.
The ...