Web applications are increasingly present in our daily lives, helping people and companies in carrying out their tasks. Most of these applications deal with the storage and processing of sensitive information. In software development projects, many teams choose to use frameworks to assist in the development process, reducing application delivery times. However, aspects of information security may not be prioritized, generating vulnerabilities that can be exploited by malicious attacks. This paper presents an assessment of the security techniques present in the Laravel framework for protection against attacks in web applications based on the ten vulnerabilities listed in the OWASP Top Ten. Through the security tests carried out, it was possible to identify which vulnerabilities Laravel has defense mechanisms, how developers can use them to protect user data and which vulnerabilities the framework lacks resources to defend against external attacks.