What is OWASP Top 10:
The Open Web Application Security Project is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
We used to talk about tons of features/improvement in an application but when it comes to security, not everyone knows about it just because someone is already done with that or the framework handles it. Application Security is going to be the main thing to be considered when we are in the place to develop an application from scratch.
Each web application framework has a set of utilities to build security protocols for an application including Authentication, Authorization, File-access control, etc.,
We have an ocean of details and practice portals to learn about the security principles and best practices.
I don’t want to re-invent the wheel as we have many resources available to learn all these in common and specific to the framework.
Resources:
- OWASP Top 10:2021
- OWASP Top 10 Vulnerabilities 2021 Explained - AppSealing
- Practice your hacking skills with these CTFs
- GitHub - juice-shop/juice-shop: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application (I have started practicing with this)
Hope this helps!