Web Security and OWASP Top 10

Milind Chavan
May 1, 2020

OWASP is the Open Web Application Security Project, and here is its list of the Top 10 web security attacks.

1. Injection

SQL Injection attack can lead to the complete and utter compromise of the database. It can mean that everything in the database gets exposed publicly and it can also mean that an attacker can modify or destroy anything within the database. Common Defences against Injection attacks:

  • Whitelist untrusted data
  • Parameterise the SQL statements
  • Fine-tune the database permissions

2. Broken Authentication & Session Management

This is one of the most important attacks because the attacker is able to log onto the system and impersonate the victim. This may happen through auth cookie theft, session ID theft or weaknesses in account management. Common Defences against Broken Authentication:

  • Protect cookies by setting the HttpOnly flag
  • Decrease the window of risk
  • Harden account management

3. Cross-Site Scripting (XSS)

XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Common Defences against XSS:

  • Whitelist untrusted data
  • Always encode output
  • Encode for the output context

4. Insecure Direct Object References

This is all about attackers pulling records from websites that they should never have access to. When an Insecure Direct Object Reference attack succeeds, the database returns the requested record to the website and the website hands it to the attacker, who can then exfiltrate that data. Common Defences against Insecure Direct Object References:

  • Implement explicit access control
  • Don’t expose internal keys externally
  • Avoid predictable keys

5. Security Misconfiguration

Security Misconfiguration is a “gateway risk”: the misconfigured website exposes information that the attacker can then use to find and exploit other risks. Common Defences against Security Misconfiguration:

  • Apply the “principle of least privilege”
  • Tune the application’s security configuration
  • Ensure all packages are up to date

6. Sensitive Data Exposure

If the user logs in over HTTP and the attacker can get onto the network and sniff the traffic (a man-in-the-middle, or MITM, attack), then clearly that attacker can gain access to any of the data going over that connection. Common Defences against Sensitive Data Exposure:

  • Minimise sensitive data collection
  • Apply HTTPS everywhere
  • Use strong cryptographic storage

7. Missing Function Level Access Control

There is only presentation-level security trimming in place: the link to the admin page isn’t shown unless you’re logged in as an admin. However, the resource that sits behind that link has no access control of its own. Common Defences against Missing Function Level Access Control:

  • Define authorisation roles centrally and apply them consistently
  • Check for forced browsing (automated scanners)
  • Always test unprivileged roles

8. Cross-Site Request Forgery (CSRF)

What the attacker is effectively trying to do is exploit a user who is already authenticated to the target website; that is one of the conditions that normally has to be met for a successful CSRF attack: the user has to be logged on to the site the attacker is trying to compromise. The whole process is simply tricking the user’s browser into making an authenticated request to the target website. Common Defences against CSRF:

  • Employ anti-forgery tokens (adds randomness to the request that is unknown to the attacker)
  • Validate the referrer
  • Native browser defences and fraud detection patterns

9. Using Components with Known Vulnerabilities

The attacker simply exploits a vulnerable component on the website. That can be a product or library at risk of, for example, making it easy to circumvent access controls, or of local file inclusion, which makes it very easy for attackers to pull files from other places in the server environment the web app is running in. Common Defences against Using Components with Known Vulnerabilities:

  • Identify components and their versions
  • Monitor components for known vulnerabilities (CVEs)
  • Keep components updated

10. Unvalidated Redirects and Forwards

All it takes to exploit this risk is to get a victim to click a malicious link. Common Defences against Unvalidated Redirects and Forwards:

  • Use a URL whitelist
  • Use indirect references (pass an ID instead of a URL)
  • Check the referrer
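As an added example (not code from the post), here is how the first two defences, a URL whitelist and indirect references, can be implemented in Python for a `?next=` style redirect parameter; the allowed hosts and the ID-to-URL table are constructed for illustration.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed allow-list of hosts this application may redirect to (illustrative values).
ALLOWED_HOSTS = {"app.example.com", "docs.example.com"}

# Indirect references: the caller passes an opaque ID, never a URL, so there is
# nothing for an attacker to tamper with. Constructed table for illustration.
REDIRECT_TARGETS = {
    "home": "https://app.example.com/",
    "docs": "https://docs.example.com/start",
}


def resolve_by_id(target_id):
    """Return the destination for a known redirect ID, or None if the ID is unknown."""
    return REDIRECT_TARGETS.get(target_id)


def safe_redirect_url(candidate, default="/"):
    """Return `candidate` only if it is a same-site path or an https URL on an
    allow-listed host; anything else falls back to `default`."""
    if not candidate:
        return default
    # Browsers treat a backslash like a slash here, so "/\evil" would become "//evil".
    cand = candidate.replace("\\", "/")
    parts = urlsplit(cand)
    if parts.scheme == "" and parts.netloc == "":
        # A relative path. A single leading "/" keeps the redirect on this origin;
        # "//host" is protocol-relative and would leave the site.
        if cand.startswith("/") and not cand.startswith("//"):
            return cand
        return default
    # Absolute URL: only https to an exact allow-listed host. `hostname` is
    # lower-cased and strips user-info and port, so "https://app.example.com@evil.example/"
    # resolves to "evil.example" and is rejected; the host must match exactly
    # (no suffix matching), so "app.example.com.evil.example" is rejected too.
    if parts.scheme != "https":
        return default
    host = parts.hostname
    if host not in ALLOWED_HOSTS:
        return default
    # Rebuild the URL from vetted parts, dropping user-info, port and fragment.
    return urlunsplit(("https", host, parts.path or "/", parts.query, ""))
```

A handler would call `resolve_by_id(request.args["next"])` where IDs are used, or `safe_redirect_url(request.args["next"])` where a URL must be accepted, and redirect to the result in both cases.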
