Secure Code Review Challenges

This repo contains the code for my Secure Code Review challenges

Challenges

1. Open Redirect
2. SSRF
3. Weak Password Hashing
4. Hardcoded Credentials
5. XXE
6. XSS
7. Host Header Injection
8. Nginx Off-By-Slash
9. Broken Access Control
10. Broken Access Control (JWT missing verification)
11. Path Normalization Bypass
12. Unquoted Bash Variables
13. SQL Injection
14. Race Condition
15. ...
16. ...
17. ...
18. ...
19. ...
20. ...