r3_tutorials - richardrowe/railsgoat-tutorials GitHub Wiki

A2 - Broken Authentication and Session Management

A3 - Cross-Site Scripting

A4 - Insecure Direct Object Reference

A5 - Security Misconfiguration

A6 - Sensitive Data Exposure

A7 - Missing Function Level Access Control

A8 - Cross Site Request Forgery

A9 - Using Components with Known Vulnerabilities

A10 - Unvalidated Redirects and Forwards

Extras - Mass-Assignment

Extras - Logic Flaws

Extras - Metaprogramming

© The Open Web Application Security Project - OWASP, 2015

⚠️ GitHub.com Fallback ⚠️