r4_tutorials - richardrowe/railsgoat-tutorials GitHub Wiki
A2 - Broken Authentication and Session Management
A3 - Cross-Site Scripting "XSS"
A4 - Insecure Direct Object Reference
A5 - Security Misconfiguration
A7 - Missing Function Level Access Control
A8 - Cross-Site Request Forgery
A9 - Using Components with Known Vulnerabilities