🥷
Red
  • 🟥Overview
  • 📚Education
    • 🧐Guides
    • 🏋️Training
    • 📕Books
    • 🥳Conventions
    • 📰News
    • 🗝️Physical Tools
    • 🗣️Podcasts
    • 📹YT Channels
  • Setup
    • ctf setup
    • Exploitation Frameworks
    • Learning Offense
    • rando
  • ⭕Attacker Lifecycle
    • Steps
      • Engagement
      • 🔬Recon
        • OSINT
        • Active Recon / footprinting
      • 👀Initial Access
        • Exploit
          • SMB
        • Internal Recon
        • Linux Custom Enum Script
        • enumerate Script
        • Windows Privilege Escalation
      • 🧞Privilege Escalation
        • Ways To Privelege Escalate
      • Data Exfil
        • Data Exfil 1
      • Reporting
  • Bug Bounty
    • Bug Bounty Sites
    • OWASP Top 10
      • Injection
      • Broken Authentication
      • Sensitive Data Exposure
      • XML External Entities (XXE)
      • Broken Access Control
      • Security Misconfigurations
      • Cross-Site Scripting (XSS)
      • Insecure Deserialization
      • Using Components with Known Vulnerabilities
      • Insufficient Logging and Monitoring
Powered by GitBook
On this page
  1. Bug Bounty
  2. OWASP Top 10

Security Misconfigurations

Security misconfigurations occur when systems or applications are not securely configured. This can include default settings, error messages that reveal sensitive information, or the presence of unnecessary services, among other things.

# Vulnerable code (exposing sensitive information through error messages)
try:
    # Code that may throw an exception
except Exception as e:
    print("An error occurred: " + str(e))

# Secure code (proper error handling)
try:
    # Code that may throw an exception
except Exception as e:
    logError("An error occurred: " + str(e))
PreviousBroken Access ControlNextCross-Site Scripting (XSS)

Last updated 1 year ago