Top ten Vulnerabilities of Web Applications Introduction Welcome to module 5 of the “Web Application Hacking Techniques” workshop. So far, we have presented different methods and techniques to exploit web application vulnerabilities. We have covered SQL Injections and command execution vulnerabilities with hands-on labs and also have explained a couple of other web application vulnerabilities, such as XSS, etc. Since information security is a very organized field, it has some set standards and frameworks that are consistently followed by security professionals. It’s worthwhile to talk about the top ten web application vulnerabilities, which are considered, accepted and recognized by industry leading organizations. These top ten vulnerabilities are listed by OWASP (Open Web Application Security Project). Prerequisites It is recommended that you should first complete the previous four modules and then start module 5, otherwise you might not get all the benefits from this module.