While learning Web Penetration Testing and get to know extra vulnerabilities taking places on Webs, thought taking my learning a step further and make some bWAPP challenges as much as i can for learning and education purpose. When it comes to security, any website could be vulnerable to attack which can compromise sensetive data or worse. The purpose of bWAPP is so show exampls of some of the most common vector attacks and vulnerabilities that can lead to exploit because some bugy code, bad misconfiguration or some developer that just know how to bulid, but can't see from the eye of an attacker.
I will post from time to time some of my progress while trying braking the code/using
Exploitation of weakness. The list is by the OWASP TOP10 Web Application Security Risks.
"Companies should adopt this document and start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is perhaps the most effective first step towards changing the software development culture within your organization into one that produces more secure code." - OWASP
Link - HTML Injection - Reflected (GET) Link - HTML Injection - Stored (Blog) Link - Iframe Injection