Owasp Top 10

Azareal

Paragon
Dec 18, 2010
1,746
354
130
Mars
gosora-project.com
FP$
4,498
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Owasp publishes a top 10 list containing the most widespread, etc. security vulnerability categories and several mitigations (although, you might want to do a bit of research to figure the best way to harden your system) for web development every year.

The top 4 for 2017 (they haven't published one for 2018 yet) are injections (e.g. NoSQL, SQL, LDAP Injections), broken authentication, sensitive data exposure, and XML being a pile of garbage you should never use.

Hopefully, it'll be useful for giving you pointers on where you to look in your web applications for flaws and you'll come away from it more secure.
 
  • Like
Reactions: Cosmic