OWASP Web Security Top 10

2021

The OWASP Top 10 (2021) is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

A01:2021Broken Access ControlCritical A02:2021Cryptographic FailuresHigh A03:2021InjectionHigh A04:2021Insecure DesignHigh A05:2021Security MisconfigurationHigh A06:2021Vulnerable & Outdated ComponentsMedium A07:2021Identification & Authentication FailuresHigh A08:2021Software & Data Integrity FailuresHigh A09:2021Security Logging & Monitoring FailuresMedium A10:2021Server-Side Request ForgeryHigh

Each item contains theory, a real vulnerability demo, and a flag to capture. Start with item 1 and work through all 10.