# cspj application

## attacks

1. sql injection
2. xss
3. command injection
4. file inclusion attacks
5. csrf
6. directory traversal
7. insecure deserialization
8. session hijacking
9. xml external entity injection
10. server-side request forgery
11. broken authentication and session management
12. clickjacking

## backend

backend-for-frontend server

!remember to set the environment variables
!include this in the setup instructions
!should we use a .env file and let the user set the variables?

PGHOST=localhost
PGPORT=5432
PGDATABASE=asdfdb
PGUSER=asdfuser
PGPASSWORD=asdfpassword