This repo contains the code for my secure code review challenges.

Primary Language: Java

Secure Code Review Challenges

Challenges

  1. Open Redirect
  2. SSRF
  3. Weak Password Hashing
  4. Hardcoded Credentials
  5. XXE
  6. XSS
  7. Host Header Injection
  8. Nginx Off-By-Slash
  9. Broken Access Control
  10. Broken Access Control (JWT missing verification)
  11. Path Normalization Bypass
  12. Unquoted Bash Variables
  13. SQL Injection
  14. Race Condition
  15. HTTP Response Splitting
  16. RCE via File Upload
  17. OS Command Injection
  18. Insecure Deserialization
  19. ...
  20. ...
  21. ...
  22. ...
  23. ...
  24. ...