Learn to play defense by hacking these broken web apps

The best way to learn to play defense is to play offense, and the OWASP Broken Web Applications Project makes it easy for application developers, novice penetration testers, and security-curious management to flex their offensive muscle in the safety of a virtual machine on their own laptop.

Web applications are the most visible front door to any enterprise and are often designed and built without strong security in mind. Stressing out over hardware vulnerabilities like Spectre or Meltdown is fun and trendy, but while you’re digging a moat around your castle someone is prancing across the drawbridge using SQL injection (SQLi) or cross-site scripting (XSS).

To read this article in full, please click here

Read more: Learn to play defense by hacking these broken web apps

Story added 9. November 2018, content source with full text you can find at link above.