Home page logo

bugtraq logo Bugtraq mailing list archives

Now Online OWASP Guide to Building Secure Web Applications
From: The Owasp Project <owasp () owasp org>
Date: Tue, 25 Jun 2002 12:40:32 -0700 (PST)

We are pleased to announce that the first release of 
the Open Web Application Security Project “Guide to 
Building Secure Web Applications” is now online in 
both pdf (1.67Mb) and HTML. 

The Guide covers various web application security 
topics from architecture to preventing attack 
specifics like cross site scripting, cookie 
poisoning and SQL injection. Its 80 pages of pure 
web application security and no vendor marketing in 
sight! The document is released under the GNU 
documentation license and was a community volunteer 
effort. Big kudos to all those involved.

You can download the Guide from the front page at 

This is just one of several projects underway 
including an open source web application scanner 
called WebScarab (due end of the year), a set of 
generic API’s called Filters to allow developers to 
easily protect their applications from malicious 
input / output such as XSS (due in next 3 months) 
and a formal testing methodology. Future projects 
include an intentionally buggy application for 
testing and learning, called WebMaven.

Oh, and did we mention its all open source and free !

If you like the work, want to contribute or have 
suggestions for improvements, please drop us a mail. 
owasp () owasp org

The Open Web Application Security Project


  By Date           By Thread  

Current thread:
  • Now Online OWASP Guide to Building Secure Web Applications The Owasp Project (Jun 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]