OWASP Archives

November 20, 2024

Published by SecureLayer7 Lab at November 20, 2024

Understanding OWASP API 06:2023 Unrestricted Access to Sensitive Business Flows

In July 2023, a serious breach involving Ivanti’s EPMM surfaced due to the CVE-2023-35078 zero-day vulnerability. Attackers exploited this flaw, gaining unauthorized API access, manipulating server […]

August 23, 2024

Published by Saurabh Banawar at August 23, 2024

OWASP TOP 10: Insufficient Attack Protection #7 – CAPTCHA Bypass

Welcome to the seventh installment of our blog series on “Insufficient Attack Protection.” In this edition, we shine a spotlight on the growing concern of CAPTCHA […]

August 5, 2024

Published by Prakash Dhatti at August 5, 2024

OWASP Top 10 : Penetration Testing with SOAP Service and Mitigation

Simple Object Access Protocol (SOAP) Overview: Simple Object Access Protocol (SOAP) is a Connection or an interface between the web services or a client and web […]

July 19, 2024

CORS Security Vulnerability Misconfiguration and Patch

Published by Saurabh Banawar at July 19, 2024

OWASP TOP 10: Security Misconfiguration #5 – CORS Vulnerability and Patch

What is the meaning of an origin? Two websites are said to have same origin if both have following in common: So, sites http://example.com and http://example.com/settings have […]

April 15, 2021

Published by Surendiran S at April 15, 2021

What is WAF? How Web Application Firewall Evasion Techniques Work?

What is WAF? A web application firewall is a specific kind of application firewall that applies explicitly to web applications. It is released before web applications […]

February 15, 2021

Published by Chirag Jariwala at February 15, 2021

OWASP IoT Top 10 Series: Weak or Hardcoded Password Policy OWASP

In the last blog we had explored OWASP IoT Top 10 vulnerabilities overview, now we will explore the impact of each of these OWASP vulnerabilities on […]

January 19, 2021

Published by Chirag Jariwala at January 19, 2021

OWASP Top 10 Vulnerabilities IoT Security: Lack of Physical Hardening

With ever increases attack surfaces with IoT devices, physical hardening is also one of the important aspects of IoT Security. Many times these devices are being […]

July 18, 2020

Published by Chirag Jariwala at July 18, 2020

OWASP Top 10 Overview and Vulnerabilities

What is OWASP? OWASP, also known as the Open Web Application Security Project, is an online platform that creates articles available freely, programs, documentation, tools, and […]

June 17, 2020

Published by Renuka Sharma at June 17, 2020

API Security Assessment OWASP 2019 Test Cases

An Application Programming Interface (API) is a component that enables communication between two different applications. They can be applications developed on different platforms and it uses […]