# Web Application Security

### OWASP Top 10

{% embed url="<https://owasp.org/www-project-top-ten/>" %}

* Injection &#x20;
* Broken Authentication&#x20;
* Sensitive Data Exposure&#x20;
* XXE Attacks&#x20;
* Broken Access Control&#x20;
* Security Missconfigruation
* Cross-Site Scripting (XSS) &#x20;
* Insecure Deserialization&#x20;
* Using Compontents with known vulnerabilities
* Insufficient logging & monitoring

This risks will be be practiced with different exercises.

### Exercises