This repository documents my hands-on learning and investigation of common OWASP web application vulnerabilities.
The focus is on understanding how web applications work, how user input is processed, and how security flaws can be detected in real-world scenarios.
This work reflects a security analyst / website investigator mindset, combining offensive awareness with defensive detection principles.
- Web application architecture
- HTTP request and response flow
- Client-side vs server-side processing
- Authentication and authorization logic
- Secure vs insecure design patterns
Overview:
SQL Injection occurs when untrusted input is directly incorporated into database queries, allowing attackers to manipulate SQL logic.
Detection Focus:
- Error-based SQLi indicators
- Boolean-based logic manipulation
- Time-based response delays
- Authentication bypass behavior
Security Takeaway:
- Parameterized queries
- Input validation
- Least-privilege database access
- Monitoring abnormal query patterns
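As an added illustration (not code from this repository), the Python below places the string-concatenated login query beside its parameterized form, using an in-memory SQLite database with a constructed user record; the same input that bypasses the first check is treated as plain data by the second:

```python
"""Vulnerable vs. parameterized login query (added example, not the repository's code)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data; plaintext password only to keep the demo short.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password) VALUES ('alice', 'correct-horse')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Untrusted input is spliced straight into the SQL text, so quotes in the
    # input change the query's logic instead of being compared as a value.
    query = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Placeholders bind the input as data; the driver never re-parses it as SQL.
    query = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def compare(username: str, password: str) -> dict:
    # Run one credential pair through both implementations for side-by-side review.
    conn = make_db()
    return {
        "vulnerable": login_vulnerable(conn, username, password),
        "parameterized": login_parameterized(conn, username, password),
    }


if __name__ == "__main__":
    print(compare("alice", "correct-horse"))      # both True
    print(compare("alice", "wrong' OR '1'='1"))   # vulnerable True, parameterized False
```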
Overview:
XSS vulnerabilities arise when applications fail to properly encode user-controlled input before rendering it in the browser.
Types Studied:
- Reflected XSS
- Stored XSS
- DOM-based XSS
Detection Focus:
- Reflected input in responses
- Unsafe JavaScript sinks
- Input handling in forms, headers, and parameters
Impact:
- Session hijacking
- Credential theft
- Client-side malware injection
Mitigation Concepts:
- Context-aware output encoding
- Content Security Policy (CSP)
- Secure frontend frameworks
Overview:
IDOR occurs when applications expose internal object identifiers without enforcing proper authorization checks.
Detection Focus:
- Parameter tampering
- Horizontal privilege escalation
- Vertical privilege escalation
- Broken access control logic
Security Impact:
- Unauthorized data access
- Account takeover
- Data leakage
Local File Inclusion (LFI):
- Inclusion of local system files via user input
- Path traversal indicators
- Log file inclusion risks
Remote File Inclusion (RFI):
- Execution of remote files due to insecure include mechanisms
- Dependency on server configuration and input handling
Detection Focus:
- File path manipulation
- Unexpected file rendering or execution
- Error messages revealing filesystem structure
Overview:
Command Injection vulnerabilities occur when user input is passed directly to system-level commands.
Detection Indicators:
- Unexpected command execution behavior
- Output reflecting OS-level responses
- Time delays indicating command chaining
Security Impact:
- Full system compromise
- Data exfiltration
- Service disruption
The objective of this repository is to build strong investigation and detection skills aligned with:
- Web application security analysis
- Blue Team monitoring and detection
- Pentesting fundamentals
- OWASP Top 10 understanding
This repository is maintained strictly for educational and ethical security research purposes.