Next we move on to OWASP Top 10 – 2021 in 2025 on THM!
This module covers alot of topics as you would expect so as I’m pressed for time this week (and next week) with real life work and testing I will post a review at the end of the overall module/room!
This room follows the complete OWASP top 10 shown below –
This room should take a few days to do dependant on the time I have as there is 23 section in total.
Good room, covers all the OWASP top 10 in an easy to follow format and was quite fun, not to toot my own horn here..
But alot of the challenges we easy as you would expect and I knew a lot of this anyway, still always good to go over things! (However, the cowsay injection question threw me because I NEED TO LEARN TO READ /sbin/nologin)!
The JWT room was quite odd too as the example shows one thing however the output includes a = which is not included in the explanation but hey what do I know!
Last section SSRF was fun!
Until next time & don’t sleepwalk through life!
Äddi