OWASP
Learning objectives
- You know of the Open Worldwide Application Security Project (OWASP).
- You know the OWASP Top Ten list of the most critical security risks in web applications.
The Open Web Application Security Project® (OWASP) foundation works to improve software security and to provide resources for learning about securing web applications. They, for example, maintain a guide on Web Application Security Testing and keep track of the (current) most critical security risks in web applications.
Note that it is illegal to look for security flaws in web services unless the owner of the web service has given explicit permission. Here, we visit the topic for learning purposes, and the few assignments that you will work on will be on an application running on your own computer.
Here, your task is to pick one of the OWASP Top Ten security risks on the page at https://owasp.org/www-project-top-ten/ and to create a multiple choice question on it. Once you have selected the security risk and familiarized yourself with it, create a multiple choice question using the widget below -- once done, answer five multiple choice questions from others and provide feedback on them.
When looking into the top ten security risks, click on them (e.g. the link "A01:2021-Broken Access Control" in the page linked above) to open up the risk-specific page with details.
Create your question using the widget shown below. First, come up with a title for the question and type it into the title area. Then, write the question in the question area. Finally, add the multiple choice options at the end, and mark the correct options as correct. You may add answer options by clicking the "Add answer option" button. Once you are done, click the "Preview" button to preview your question, and finally submit it to the pool of questions.
Once you have created your question, answer at least three peer-authored questions. After each question, you are given the opportunity to rate the question -- please rate each question that you answer.