Security / Quiz

OWASP Top 10 Primer

Broken access control, injection, and insecure design, recognize the vulnerability classes that dominate real breaches.

Difficulty
Medium
Format
Quiz
Points
150
Estimate
9 min

// MISSION BRIEF

Your Mission

You don't need to be a pentester to test for security, you need to recognize the vulnerability classes and think in abuse cases. This quiz covers the OWASP Top 10 essentials every QA engineer should own.

Note: these questions are about recognizing and testing for vulnerabilities defensively, the tester's job.

// FIRST CONTACT

Battle teaser

Changing the URL /account?id=1001 to /account?id=1002 shows another user's account. This is:

  1. AA caching bug
  2. BCross-Site Scripting
  3. CBroken Access Control (IDOR), OWASP's #1 category
  4. DSQL Injection
Answers, scoring, hints, and the full battle stay sealed.

// SKILL TAGS

owaspidorxssinjectionsecurity