Ask HN: What are security exploits to try on personal wbsite?
3 comments
Terminology: an exploit is a specific crafted process to complete a break-in using a vulnerability in the system. In your situation you are generally interested in scanning / testing for vulnerabilities, and possibly verifying it by actually exploiting it.
I'd start with the OWASP top 10, https://owasp.org/Top10/
Depending on your tech stack and funtionality you could try SQL injection, CSRF or path traversal.
Got any tips on how I might easily implement these?
From a previous post, it seems to me the suggestions for DDOS'ing (as a low-bar way to exploit) converge on hitting a expensive query/operation many times and this can be aided by various tools, such as botnets and load testing tools.
What about other "common" security exploits? ie, exploits that are commonly unprotected against and can cause damage to a website?