OWASP Top 10 | Security misconfigurations | TryHackMe | Task19

Security misconfigurations include:

  • Poorly configured permissions on cloud services, like S3 buckets
  • Having unnecessary features enabled, like services, pages, accounts or privileges
  • Default accounts with unchanged passwords
  • Error messages that are overly detailed and allow an attacker to find out more about the system
  • Not using HTTP security headers, or revealing too much detail in the Server: HTTP header
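
The last two items can be checked mechanically from a single HTTP response. The following is an added example, not part of the original write-up or the TryHackMe room: it audits a raw response for missing security headers, a version-revealing Server: header, and an overly detailed error body. The header baseline, the error markers and both sample responses are assumptions constructed for illustration.

```python
import re

# Assumed baseline; the page does not name specific security headers.
EXPECTED = ("strict-transport-security", "content-security-policy",
            "x-content-type-options", "x-frame-options")
# Product token followed by a version, e.g. "Apache/2.4.41".
VERSION_TOKEN = re.compile(r"[A-Za-z][\w.-]*/\d[\w.]*")
# Markers of overly detailed error pages (constructed, not exhaustive).
ERROR_MARKERS = ("Traceback (most recent call last)", "Stack trace:", "SQLSTATE[")

def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers, body

def audit(raw):
    """Return sorted misconfiguration findings for one response."""
    status, headers, body = parse_response(raw)
    findings = [f"missing:{h}" for h in EXPECTED if h not in headers]
    if VERSION_TOKEN.search(headers.get("server", "")):
        findings.append("version-disclosure:server")
    if status >= 500 and any(m in body for m in ERROR_MARKERS):
        findings.append("verbose-error")
    return sorted(findings)

# Constructed sample responses, not captured from any real system.
WEAK = ("HTTP/1.1 500 Internal Server Error\r\n"
        "Server: Apache/2.4.41 (Ubuntu)\r\n"
        "Content-Type: text/html\r\n\r\n"
        "Traceback (most recent call last):\n  File \"app.py\", line 12\n")
HARDENED = ("HTTP/1.1 500 Internal Server Error\r\n"
            "Server: webserver\r\n"
            "Strict-Transport-Security: max-age=31536000\r\n"
            "Content-Security-Policy: default-src 'self'\r\n"
            "X-Content-Type-Options: nosniff\r\n"
            "X-Frame-Options: DENY\r\n\r\n"
            "An internal error occurred.")
```

Calling audit(WEAK) reports every missing header plus the version disclosure and the verbose error, while audit(HARDENED) returns an empty list.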

br4ind3ad
