I²Cx Web
I²Cx Web is a Web cybersecurity training platform. It allows to discover all the applicative vulnerabilities from the OWASP’s top 10. With the I²Cx Platform card, il is also possible to connect to this interface and showcase smart devices vulnerabilities.
A wide range of vulnerabilities
Lack of logging and monitoring
Log files and metrology
Unsecure remote update
Headers’ recovery
Recovery on the browser
XSS
Login and profile screen injection, DOM injection
XXE
XML
Database injection
SQLmap, SQLi (search engine, log in and blind)
Unsecure deserializing
Script vulnerability, serializing, code interpretation
Wrong header configuration
SQLmap, SQLi (search engine, log in and blind)
Wrong cryptographic configurations
HTTPS, TLS, certificates, certification chains, cipher suite
Sensitive data exposition
Data encryption, restricted acess
Broken access control
URL bypass, uncontrolled data access (API)
Authorizations failures
Path transversal, avatar authorization failure, cookie theft, role change…