Welcome to Sensitive Data Exposure Lab

This interactive lab demonstrates OWASP Top 10 vulnerability: Sensitive Data Exposure (A3)

Learn how sensitive data can be accidentally exposed in web apps and how hackers might find it!

Start Learning {% if user.is_authenticated %} View Your Profile {% else %} Register & Try it {% endif %}
{% if not user.is_authenticated %}
Demo Account

For quick testing, use these credentials:

Username: demo
Password: demopass

Login with demo account
{% else %}
You're logged in as {{ user.username }}

Ready to find some security vulnerabilities?

Go to Profile Review Lesson
{% endif %}
What You'll Learn
  • ✅ How sensitive data gets exposed
  • ✅ Where to look for data leakage
  • ✅ Common developer mistakes
  • ✅ How to protect sensitive info
Hands-on Activities
  • 🔍 Find hidden sensitive data
  • 🔍 Explore insecure API endpoints
  • 🔍 Discover client-side exposures
  • 🔍 Identify improper data masking
Real-world Context

This vulnerability has led to massive data breaches at companies like:

  • Equifax (147M records)
  • Capital One (100M records)
  • Marriott (500M customers)