WebApp Sec: AppSec FAQ at OWASP

From: Sangita Pakala <sangita.pakala_at_paladion.net>
Date: Wed, 28 Jan 2004 19:52:56 +0530

Hi,
 
The OWASP site has published a new Appsec FAQ that answers common
questions on web application security. The lively discussions in this
mailing list were the inspiration for the FAQ. You can read the FAQ at:
http://www.owasp.org/documentation/appsecfaq

The current version has sections on SQL Injection, XSS, Login Issues,
Browser Cache etc. It includes questions like:

Is it really required to redirect the user to a new page after login?
Why can't I trust the information coming from the browser?
How can the browser cache be used in attacks?
Are Java servlets vulnerable to SQL injection?
How can my "Forgot Password" feature be exploited?

As with all other OWASP initiatives, we'd like your participation to
improve this FAQ. Please send your suggestions to owasp_at_owasp.org with
subject "OWASP AppSec FAQ".
 

Thanks to the OWASP team and especially Mark Curphey, David Raphael and Ben
Poweski for helping us bring the FAQ online.
  

Regards,
Sangita
 
Sangita Pakala
Paladion Networks
http://www.paladion.net

P.S.- Just resending it in plain text, Mark.
Received on Jan 28 2004
