Refactor README and command documentation to streamline deployment and CI/CD processes. Consolidate deployment strategies and remove obsolete commands related to CI/CD and observability. Enhance task decomposition workflow by adding data model and deployment planning sections, and update directory structures for improved clarity.

Oleksandr Bezdieniezhnykh
2026-03-19 12:10:11 +02:00
parent 5b1739186e
commit cfd09c79e1
17 changed files with 1314 additions and 313 deletions
+2 -13
@@ -49,19 +49,8 @@ When testing security or conducting audits:
- Validating input sanitization
- Reviewing security configuration
### OWASP Top 10 (2021)
| # | Vulnerability | Key Test |
|---|---------------|----------|
| 1 | Broken Access Control | User A accessing User B's data |
| 2 | Cryptographic Failures | Plaintext passwords, HTTP |
| 3 | Injection | SQL/XSS/command injection |
| 4 | Insecure Design | Rate limiting, session timeout |
| 5 | Security Misconfiguration | Verbose errors, exposed /admin |
| 6 | Vulnerable Components | npm audit, outdated packages |
| 7 | Auth Failures | Weak passwords, no MFA |
| 8 | Integrity Failures | Unsigned updates, malware |
| 9 | Logging Failures | No audit trail for breaches |
| 10 | SSRF | Server fetching internal URLs |
### OWASP Top 10
Use the most recent **stable** version of the OWASP Top 10. At the start of each security audit, research the current version at https://owasp.org/www-project-top-ten/ and test against all listed categories. Do not rely on a hardcoded list — the OWASP Top 10 is updated periodically and the current version must be verified.
### Tools
| Type | Tool | Purpose |
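Review bot: The replacement paragraph under `### OWASP Top 10` removes the "Key Test" column together with the hardcoded category list, so the per-category test prompts (for example "User A accessing User B's data" or "Server fetching internal URLs") no longer appear in this section. Consider keeping a short, version-independent list of example checks next to the new instruction. The new text also does not ask the auditor to record which Top 10 version was found and tested against, and gives no fallback if https://owasp.org/www-project-top-ten/ cannot be reached at the start of an audit; adding both would keep audit results comparable between runs.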