# OWASP Top 🔟 2017

Every cyber-security enthusiast has once come upon these terms **OWASP Top 10**.

The *Top 10* here means Top 10 Vulnerablities, the greatest software risks for any Web Application. OWASP is just an online community/non profit foundation that helps to improve the security of software for free.

To combat said vulnerablities and protect your website, [**TryHackMe**](https://tryhackme.com/) provides a room to pratice these vulnerabilities and teach you about each vulnerability. How it occurs and how to exploit it. Link for the room - [**THM OWASP Top 10 Room**](https://tryhackme.com/room/owasptop10)

I practiced this room a while back and wrote posts on Linkedin on how to solve each challenge. This is a culmination for all those posts in one place.

This is a mind map for all the things that are taught in that room.

![preview_mindmap.png](https://main-raikaustubh.netlify.app/assets/img/preview_mindmap.png align="center")

*(Mindmap much bigger than this. Click* [***THIS***](https://drive.google.com/file/d/1aBwE1J8sItyXawcbEt5YtiFXxnt50n6O/view?usp=sharing)*)*

## [Day 1 - Injection](https://lnkd.in/gmzbwgi)

## [Day 2 - Broken Authentication](https://lnkd.in/df93YQm)

## [Day 3 - Data Exposure](https://lnkd.in/d2raTVQ)

## [Day 4 - XML External Entity](https://lnkd.in/dwCjwBF)

## [Day 5 - Broken Access Control](https://lnkd.in/d77jsPj)

## [Day 6 - Security Misconfiguration](https://lnkd.in/dtF2FaU)

## [Day 7 - Cross-Site Scripting](https://lnkd.in/dhfK4sN)

## [Day 8 - Insecure Deserialization](https://lnkd.in/dE7ybe2)

## [Day 9 - Components with Known Vulnerabilities](https://lnkd.in/gTBsPg8)

## [Day 10 - Insufficeint Logging and Monitoring](https://lnkd.in/d5s-Jgw)

OWASP Top 10, this is just one of the concepts that one needs to learn in protecting thier application. There are many other vulnerabilites present and all of this can be learned through [**THM**](https://tryhackme.com/).
