Secure Login Challenge
This project implements a login system in a secure way and addresses the web vulnerabilities listed below.
Web vulnerabilities addressed
- Cross-Site Request Forgery (CSRF)
- Clickjacking
- SQL/NoSQL/LDAP/XML Injection
- XSS Attack
- Response Manipulation
- Sensitive Information Disclosure
- Authentication Bypass
- Parameter Pollution & Mass Assignment
- Credentials Over Unencrypted Channel
- Missing Brute-Force Protection
- User Enumeration
- Throttling Requests
- Remote Code Execution
Hosting Guide
1. Download the code
First install git on the system, then type the following commands in the command prompt:
git clone https://github.com/Sainya-Rakshatam-Submission/secure-login.git
cd secure-login
2. Set up the Virtual Environment
Install python-3.9 on the system, then run the following commands in the console:
pip install virtualenv
virtualenv env
env\Scripts\activate
pip install -r requirements.txt
Now rename example.env to .env, then see this video on how to set up the .env file.
3. Set up the database
If you are in a local environment, the project will automatically use SQLite unless the database URL is specified in…