  • Question 91

    Which Open Web Application Security Project (OWASP) project implements a web application full of known vulnerabilities?
  • Question 92

    You have successfully gained access to a Linux server and would like to ensure that the subsequent outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the best way to evade the NIDS?
  • Question 93

    While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?
  • Question 94

    Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services. Which OS did it not directly affect?
  • Question 95

    LM hash is a compromised password hashing function. Which of the following parameters describe LM hash?
    I - The maximum password length is 14 characters.
    II - There are no distinctions between uppercase and lowercase.
    III - It's a simple algorithm, so 10,000,000 hashes can be generated per second.