OWASP
- Open Web Application Security Project
OWASP Top 10 2021
- Broken Access Control
- Cryptographic Failures
  - Python:
    - Argon2
    - bcrypt (work factor of 10)
    - scrypt
    - PBKDF2
  - Use: Advanced Encryption Standard (AES)
  - Do not use:
    - Cipher Block Chaining (CBC)
    - Electronic Code Book (ECB)
  - Use Hash and Salt for any password
    - Python:
- Injection
  - Includes XSS
    - Persistent (stored) XSS
    - Reflected XSS
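
For the "Use Hash and Salt for any password" item under Cryptographic Failures: an added example (not code from the original notes) that stores and verifies salted password hashes with scrypt and PBKDF2, the two listed algorithms that ship in Python's standard library. The cost parameters, the `scheme$params$salt$hash` record format and the function names are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Illustrative cost settings (assumptions, not values from the notes); tune for your hardware.
PBKDF2_ITERATIONS = 600_000
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def _derive(scheme, password, salt, params):
    """Run the named key-derivation function with the given salt and cost parameters."""
    pw = password.encode("utf-8")
    if scheme == "pbkdf2_sha256":
        (iterations,) = params
        return hashlib.pbkdf2_hmac("sha256", pw, salt, iterations)
    if scheme == "scrypt":
        n, r, p = params
        return hashlib.scrypt(pw, salt=salt, n=n, r=r, p=p,
                              maxmem=256 * n * r, dklen=32)
    raise ValueError(f"unsupported scheme: {scheme}")


def hash_password(password, scheme="scrypt"):
    """Return 'scheme$params$salt$hash', generating a fresh random salt per password."""
    params = (SCRYPT_N, SCRYPT_R, SCRYPT_P) if scheme == "scrypt" else (PBKDF2_ITERATIONS,)
    salt = secrets.token_bytes(16)
    digest = _derive(scheme, password, salt, params)
    return "$".join([scheme, ",".join(map(str, params)),
                     base64.b64encode(salt).decode(),
                     base64.b64encode(digest).decode()])


def verify_password(password, stored):
    """Recompute with the stored salt and parameters, then compare in constant time."""
    try:
        scheme, raw_params, salt_b64, digest_b64 = stored.split("$")
        params = tuple(int(x) for x in raw_params.split(","))
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        actual = _derive(scheme, password, salt, params)
    except (ValueError, TypeError):
        return False  # malformed or unsupported record: reject rather than raise
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")  # constructed sample password
    print(record, verify_password("correct horse battery staple", record))
```

Because the salt and cost parameters are stored in each record, old hashes still verify after the defaults are raised.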