VSinerva/csb-project-1
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2025-03-30. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
csb-project-1/README.md

37 lines
783 B
Markdown
Raw Normal View History

Add barebones README.md
2024-11-24 14:31:28 +02:00
# Cyber Security Base course project 1
## Purpose
A very insecure web app for the University of Helsinki Cyber Security Base -course.
The point is to demonstrate common cyber security problems and their fixes.
## Description of vulnerabilities
> **_NOTE:_** More detailed description of problems coming soon.
I am using the 2021 OWASP Top Ten list.
LINK: https://github.com/VSinerva/csb-project-1
I am using the basic Django template, so no instructions are included.
FLAW 1:
Add reminders for the upcoming vulnerabilities
2024-11-24 18:03:12 +02:00
Broken Access Control (Can delete another user's notes)
Add barebones README.md
2024-11-24 14:31:28 +02:00
FLAW 2:
Add reminders for the upcoming vulnerabilities
2024-11-24 18:03:12 +02:00
Cryptographic Failure (Weak/No password hashing)
Add barebones README.md
2024-11-24 14:31:28 +02:00
FLAW 3:
Add reminders for the upcoming vulnerabilities
2024-11-24 18:03:12 +02:00
SQL Injection (Unsanitized SQL query for search)
Add barebones README.md
2024-11-24 14:31:28 +02:00
FLAW 4:
Add reminders for the upcoming vulnerabilities
2024-11-24 18:03:12 +02:00
Identification and Authentication Failure (No password strength checks)
Add barebones README.md
2024-11-24 14:31:28 +02:00
FLAW 5:
Add reminders for the upcoming vulnerabilities
2024-11-24 18:03:12 +02:00
CSRF (No CSRF token for Delete)
Copy permalink