OSWAP Defination

-

 OWASP


The "Open Web Application Security Project" framework is a community-driven and frequently updated framework used solely to test the security of web applications and services.


The foundation regularly writes reports stating the top ten security vulnerabilities a web application may have, the testing approach, and remediation.


AdvantagesDisadvantages
Easy to pick up and understand.It may not be clear what type of vulnerability a web application has (they can often overlap).
Actively maintained and is frequently updated.
OWASP does not make suggestions to any specific software development life cycles.
It covers all stages of an engagement: from testing to reporting and remediation.
The framework doesn't hold any accreditation such as CHECK.
Specialises in web applications and services.
Intentionally left blank.

Comments

Post a Comment

Popular posts from this blog

Custom Domain to GitHub Pages (Hostinger Edition)

-
Image
Go to your Hostinger domain DNS settings The first step is to go to your Hostinger domain DNS settings. You can do this by visiting  https://hpanel.hostinger.com/domain/yourdomain.com/dns . Create two new CNAME records We need to create two new CNAME records. The first record will point  www.yourdomain.com  to  <your-github-username>.github.io . The second record will point  yourdomain.com  to  <your-github-username>.github.io . Enter Type - CNAME, Name - www, Points to - .github.io, TTL you can leave as default. This is for when someone types  www.yourdomain.com . Then we need the same for APEX domains or when someone just types  yourdomain.com , for this enter another CNAME with Name - @ and Points to .github.io. This will automatically set an ALIAS type and add it to the DNS records.  Add the GitHub Pages IP addresses Finally, we need to add the IP addresses and the txt value(this is obtain in the github/gitlab itself) for...
Read more

Resizing partition in AWS

-
  First lsblk If Using a Standard Partition (No LVM) Resize the partition: sudo growpart /dev/nvme0n1 1 Resize the filesystem: sudo resize2fs /dev/nvme0n1p1 # For ext4 sudo xfs_growfs /dev/nvme0n1p1 # For XFS Step 4: Verify the New Storage df -h You should now see the increased disk space. 🚀
Read more

Gitlab docker commands

-
Image
 sudo docker exec -it <container_id> bash Check for all GitLab services running in gitlab gitlab-ctl status  To stop any GitLab services gitlab-ctl stop prometheus To start any GitLab services gitlab-ctl startprometheus When Sidekiq Is Stopped: Email Notifications Won't Be Sent : Since Sidekiq is responsible for handling background tasks like email delivery, if you stop Sidekiq, the forgot password email won't be sent to the user. The request for a password reset will still be processed, but the system will not be able to send the email due to Sidekiq being down. Other Email-Related Features : Any other features that rely on email notifications (like user invitations, confirmation emails, or CI/CD notifications) will also be affected. To check whether GitLab is enforcing authentication (which could be affecting the ELB health check), run the following inside the GitLab Rails console (command: gitlab-rails console): ApplicationSetting .first.password_authentication...
Read more