Welcome to the CodeAlpha_Secure_Coding_Review repository! This repository contains the PDF report detailing the vulnerability assessments of the web application named DefenselessV1, along with secure coding recommendations. The assessments were conducted using Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Penetration Testing techniques. These assessments were part of the tasks assigned during the Code Alpha Internship program to enhance understanding of Vulnerability Assessment and Penetration Testing (VAPT) techniques and reports.
- DefenselessV1_Vulnerability_Assessment_Report.pdf: This PDF report provides detailed findings from the vulnerability assessments conducted on the DefenselessV1 web application.
- DefenselessV1_Code_directory: This directory contains the vulnerable application.
The purpose of this repository is to serve as a reference for understanding VAPT techniques, reports, and secure coding practices. It provides insights into identifying and mitigating security vulnerabilities in web applications, thereby enhancing overall security posture.
- Feel free to review the PDF reports to understand the vulnerabilities identified in the DefenselessV1 web application and the recommended remediation actions.
- SQL Injection
- Remote File Inclusion (RFI)
- Stored Cross-Site Scripting (XSS)
- Reflected Cross-Site Scripting (XSS)
Contributions to enhance the understanding of VAPT techniques, reports, and secure coding practices are welcome. You can contribute by:
- Providing feedback on the existing reports and recommendations.
- Suggesting improvements or additions to the content.
- Sharing additional resources or insights related to VAPT and secure coding.
This repository is licensed under the MIT License. Feel free to use and modify the content for educational and non-commercial purposes.
If you have any questions, suggestions, or feedback, please feel free to reach out.