WEB Security
- Broken Access Control
- Cryptographic Failures
- Injection
- Lee <img src='#' onerror=alert(1) /> Jensen
- <div v-html="input"></div>
- Lee' OR 1=1 OR name='Jensen
- "select * from secret where name='${input}' "
- How to Prevent?
- Insecure Design
- Security Misconfiguration
- Vulnerable Components
- ID and Auth Failures
- Software and Data Integrity Failures
- Logging/Monitoring Failure
- Cross Origin Resource Sharing
- Put on your white hat
- Security Minded Testing