OWASP A01: Broken Access Control

Learn
Our first blog has a few BAC issues in it: you will be able to edit and delete posts that do not belong to you.
You can test this out on Our cheeseblog.

OWASP A02: Cryptographic failures

Learn
Yes indeed, dear friends, this used to be known as sensitive data exposure. You can try it out on Ratsite. Explore the source code well and look at any JavaScript files; they contain a username and password in this case!

OWASP A03: Injections

Learn
This vulnerability is diverse and we only have one lab for you. You can try it out on Our XPATH Injection labs.

OWASP A04: Insecure Design

Learn
All of my labs are vulnerable af by design :) Our labs.

OWASP A05: Security Misconfiguration

Learn
The JWT token is vulnerable in our labs: you can go to JWT.io and change the flag to make yourself admin. Try it on Our labs.

OWASP A06: Vulnerable and Outdated Components

Learn
If you register, we use an outdated component of AngularJS. You can set your name to insert CSTI (client-side template injection); look up the vulnerable version and how to exploit it on Google. Try it on Our labs.

OWASP A07: Identification and Authentication Failures

Learn
Our ratsite contains many issues: for example, you can use a very weak password or just log in using test/test. Try it on Our labs.

OWASP A08: Software and Data Integrity Failures

Learn

OWASP A09: Security Logging and Monitoring Failures

Learn
Our ratsite contains many issues: it is not logged or monitored, let alone any alerting. Try it on Our labs.

OWASP A10: SSRF (Server-Side Request Forgery)

Learn
You can train your SSRF skills here: try to grab the contents of the /internal directory. Try it on Our labs.