OWASP - Tacos and Security

OWASP

A collection of 3 posts

Learning Things: CSRF - Cross-Site Request Forgery

I've heard the term multiple times, but I actually had no real idea what it was. Cross-Site Request Forgery, or CSRF (also somtimes pronounced as Sea-Surf). Well, I had the textbook definition that goes something like this [https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/06-Session_Management_Testing/05-Testing_

Let's Learn: OWASP Top 10 - Security Misconfiguration

I've known of the OWASP Top 10 for a while, but I can't say I've ever become deeply knowledgeable of the inner-workings of each. I've always understood them on a surface level that's maybe deep enough to pass your Sec+ or some other multiple-choice exam (not a knock on multiple

Free resources for learning web app testing

Web app testing is a cool space. There's a lot of new, interesting territory for someone like me who has been learning network pentesting. Both are a lot of fun, but web applications have so many interesting things going on that I've found I kind of dig it. That said,