In this chapter, we will cover:
The goal of every penetration test is to identify the possible weak spots in applications, servers, or networks; weak spots that could be the opportunity to gain sensitive information or privileged access for an attacker. The reason to detect such vulnerabilities is not only to know that they exist and calculate the risk attached to them, but to make an effort to mitigate them or reduce them to the minimum.
In this chapter, we will see examples and recommendations of how to mitigate the most critical Web application vulnerabilities according to OWASP (Open Web Application Security Project):
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
3.144.123.155