Discover From Related Topics
ajax
application
captcha
development
dns
hack
hacking
infosec
injection
javascript
owasp
password
pentest
php
programming
rails
research
security
security.favorites
security.in.sdlc
sql
tools
webappsec.best.practices
webdev
xss
Discovered Pages
[Discover] The Web Application Hacker's Handbook - checklist of tasks http://portswigger.net/wahh/tasks.html
(webappsec.assessment webappsec webappsec.session.management webappsec.best.practices) 
[Discover] Checklist: Securing Data Access http://msdn2.microsoft.com/en-us/library/aa302343.aspx (webappsec webappsec.best.practices security webappsec.database.security)
[Discover] Web Application Security Consortium http://www.webappsec.org/ (security infosec webappsec webapp)
[Discover] WebAppSec - FranzWiki http://www.scadasec.net/secwiki/WebAppSec (development security)
[Discover] WebAppSec - WebAppSec Wiki - FrontPage https://www.webappsec.jp/modules/bwiki/index.php?FrontPage (security programming read later)
[Discover] Zone-H.org - 10 reasons websites get hacked http://www.zone-h.org/content/view/14865/31/ (webappsec.realworld.hacks webappsec security)
[Discover] PhishMe » Owning Rails 2.0 Cookies at OWASP http://blog.phishme.com/2007/11/owning-rails-20-cookies-at-owasp/ (webappsec.realworld.hacks security.cookies webappsec security.ror)
[Discover] Best Practices for Secure Web Development http://panoramix.fi.upm.es/~flimon/secure_web_development.pdf (webappsec security.in.sdlc webappsec.best.practices security)
[Discover] CITS - MD5 Collisions http://www.cits.rub.de/MD5Collisions/ (security webappsec infosec research)
[Discover] Life of an OWASP Chapter Leader » Blog Archive » JavaScript Badware http://blogs.owasp.org/seba/2007/02/22/javascript-badware/ (xss webappsec)
[Discover] OWASP Secure Software Contract Annex - OWASP http://www.owasp.org/index.php/OWASP_Secure_Software_Contract_Annex (security.favorites owasp webappsec security.in.sdlc)
[Discover] OWASP Encoding Project - OWASP http://www.owasp.org/index.php/Category:OWASP_Encoding_Project (security ifoe owasp webappsec)
[Discover] SANS Institute - A Security Checklist for Web Application Design http://www.sans.org/reading_room/whitepapers/securecode/1389.php?portal=d836d6a43c067dc4559bc8c104c8 ... (webappsec sans security.in.sdlc security.white.papers)
[Discover] Jeremiah Grossman: Technology helps, but people matter most http://jeremiahgrossman.blogspot.com/2008/01/technology-helps-but-people-matter-most.html (security webappsec blog)
[Discover] SANS Institute - Deploying a Secure Web Application: From a Coding Perspective http://www.sans.org/reading_room/whitepapers/application/1138.php?portal=4b0c16caaf30eb787ba6c8d1387 ... (webappsec sans security.in.sdlc security.white.papers)
[Discover] SIFT - Information Security Services http://www.sift.com.au/36/172/xml-port-scanning-bypassing-restrictive-perimeter-firewalls.htm (tools webappsec webtools xml)
[Discover] Superimposing Nothing Nowhere: Another Free MacWorld Platinum Pass? Yes in 2008! http://grutztopia.jingojango.net/2008/01/another-free-macworld-platinum-pass-yes.html (security webappsec clustering infosec)
[Discover] Fierce Domain Scan http://ha.ckers.org/fierce/ (dns tool hacking pentest)
[Discover] heise Security - News - Webmail accounts hacked via WLAN http://www.heise-security.co.uk/news/93925 (webappsec security.google security.session.cookies webappsec.tools)
[Discover] ASP.NET ValidateRequest does not mitigate XSS completely http://blogs.msdn.com/ace_team/archive/2007/10/19/asp-net-validaterequest-does-not-mitigate-xss-comp ... (security xss .net asp.net)
[Discover] %41%43%45%20%54%65%61%6d : First Line of Defense for Web Applications – Part 1 http://blogs.msdn.com/hackers/archive/2007/10/12/first-line-of-defense-for-web-applications-part-1.a ... (security microsoft ifoe webappsec)
[Discover] AjaxFinger http://net-square.com/ns_freetools.shtml#ajaxfinger (scanning tools fingerprint ajax)
[Discover] SPI Dynamics : WebInspect http://www.spidynamics.com/products/webinspect/index.html (security scanner webappsec infosec)
[Discover] Chris Shiflett: Google XSS Example http://shiflett.org/archive/178 (xss google security webappsec)
[Discover] NIST Computer Security DRAFT Publications - Draft Special Publication 800-44 Version 2, Guidelines ... http://csrc.nist.gov/publications/drafts.html#sp800-44-version2 (security standard nist webappsec)
[Discover] Cross-Domain Ajax: Security Implications | Getahead http://getahead.org/dwr/ajax/cross-domain-xhr (ajax security webappsec crossdomainxhr)
[Discover] OWASP - Home http://www.owasp.org/index.jsp (security webservices guide applications)
[Discover] SANS Institute - Packet Sniffing In a Switched Environment http://www.sans.org/reading_room/whitepapers/networkdevs/244.php (arp.cache.poisoning security.favorites webappsec security.packet.sniffing)
[Discover] THC-HYDRA - fast and flexible network login hacker http://freeworld.thc.org/thc-hydra/ (password security hacking network)
[Discover] [WebAppSec] Automatic security and HackerSafe http://www.rorsecurity.info/2008/05/13/webappsec-automatic-security-and-hackersafe/ (on rails application ruby)
[Discover] WASC: Script Mapping Project http://www.webappsec.org/projects/scriptmapping/ScriptMapping_Release_26Nov2007.html (browser javascript hack js)
[Discover] IMAP is vulnerable to cross site scripting (PDF) http://www.ngssoftware.com/research/papers/InterProtocolCommunication.pdf (javascript email webappsec security)
[Discover] Default Passwords | CIRT.net http://www.cirt.net/passwords (security password default passwords)
[Discover] RTFM http://ya.maya.st/web/RTFM.html#languagepriority (webappsec configuration apache security)
[Discover] iSEC Partners: Speaking Engagements https://www.isecpartners.com/speaking.html (webservices webappsec presentations)
[Discover] [WebAppSec] The idea of negative CAPTCHAs http://www.rorsecurity.info/2008/04/04/webappsec-the-idea-of-negative-captchas/ (captcha security rails cap)
[Discover] LAMP - Security for the Web 2.0 http://www.mysql.com/news-and-events/web-seminars/mayflower.php (webappsec presentations ajax security)
[Discover] White Papers - Web Application Security Consortium http://www.webappsec.org/whitepapers.shtml (pentest security ebooks)
[Discover] [WEB SECURITY] XSS vulnerabilities in Google.com http://www.webappsec.org/lists/websecurity/archive/2005-12/msg00059.html (testing google)
[Discover] Reports of federal security breaches double in four months http://www.govexec.com/story_page.cfm?articleid=38348 (security incident webappsec)
[Discover] Web Application Firewall Evaluation Criteria http://www.webappsec.org/projects/waf_evaluation/v1/wafec-draft-1-20051007.html (firewall security)
[Discover] Re: [WEB SECURITY] Buggy preview of a new tool http://www.webappsec.org/lists/websecurity/archive/2005-05/msg00133.html (application osx software security)
[Discover] IEEE Security & Privacy http://www.computer.org/portal/site/security (webappsec magazine security)
[Discover] How to Take Down the Power Grid http://www.internetevolution.com/author.asp?section_id=515&doc_id=136047 (security webappsec security.scada)
[Discover] [WEB SECURITY] Advanced Web Attack Techniques using GMail http://www.webappsec.org/lists/websecurity/archive/2006-01/msg00087.html (javascript json programming hack)
[Discover] How to add validation logic to HttpServletRequest - OWASP http://www.owasp.org/index.php/How_to_add_validation_logic_to_HttpServletRequest (java validation owaps webappsec)
[Discover] [The Unexpected SQL Injection] Web Security Articles - Web Application Security Consortium http://webappsec.org/projects/articles/091007.shtml#p2 (php mysql)
[Discover] Can we please stop cross-site scripting attacks? | Computerworld Blogs http://blogs.computerworld.com/can_we_please_stop_cross_site_scripting_attacks (xss webappsec)
[Discover] Web Application Firewall Evaluation Criteria - Web Application Security Consortium http://www.webappsec.org/projects/wafec/ (waf security)
[Discover] Video of creating an XSS worm http://milw0rm.com/video/watch.php?id=71 (meebo webappsec ajax screencast)
[Discover] The Script Mapping Project - Web Application Security Consortium http://www.webappsec.org/projects/scriptmapping/ (mapping javascript wasc html)
[Discover] Secure Web - blog http://secureweb.typepad.com/secure_web/ (security.blogs webappsec blogs security)
[Discover] [Full-disclosure] on xss and its technical merit http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/067303.html (webappsec security xss)
[Discover] WebApp Sec: Re: [WEB SECURITY] cookies a fundamental threat? http://seclists.org/lists/webappsec/2006/Apr-Jun/0134.html (security http)
[Discover] [WEB SECURITY] XSS Vulnerabilities in Common Shockwave Flash Files http://www.webappsec.org/lists/websecurity/archive/2008-01/msg00001.html (security webdev flash)
[Discover] Automated Web Foo or Fud! | GNUCITIZEN http://www.gnucitizen.org/blog/automated-web-foo-or-fud (hacking toread webappsec websec)
[Discover] Threat Classification - Web Application Security Consortium http://webappsec.org/projects/threat/ (security)
[Discover] Domain Contamination - Amit Klein http://www.webappsec.org/projects/articles/020606.shtml (security)
[Discover] [WEB SECURITY] "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein http://www.webappsec.org/lists/websecurity/archive/2005-09/msg00019.html (ie xmlhttprequest spoofing xhr)
[Discover] Software Vulnerabilities in Java 5 http://www.sei.cmu.edu/publications/documents/05.reports/05tn044.html (security.java webappsec java secure.programming)
[Discover] WebApp Sec: RE: Defeating CAPTCHA http://seclists.org/lists/webappsec/2005/Jul-Sep/0454.html (captcha security)
[Discover] WASC Articles: The 80/20 Rule for Web Application Security http://www.webappsec.org/articles/013105.html (security research server)
[Discover] Salted Hashes Demystified - OWASP http://www.owasp.org/index.php/Image:Salted_Hashes_Demystified.doc (security.passwords owasp webappsec security)
[Discover] [WEB SECURITY] Round-up: Ways to bypass HttpOnly (and HTTP Basic auth) http://www.webappsec.org/lists/websecurity/archive/2006-05/msg00025.html (rest http security xss)
[Discover] [DOM Based Cross Site Scripting or XSS of the Third Kind] Web Security Articles - Web Application ... http://www.webappsec.org/projects/articles/071105.shtml#r1 (scripting dom security xss)
[Discover] The Insecure Indexing Vulnerability http://www.webappsec.org/articles/022805-plain.html (work policy indexing search)
[Discover] [The Importance of Application Classification in Secure Application Development] Web Security ... http://www.webappsec.org/projects/articles/041607.shtml (threats wasc development security)
[Discover] Education Track: What Developers Should Know on Web Application Security - OWASP http://www.owasp.org/index.php/Education_Track:_What_Developers_Should_Know_on_Web_Application_Secur ... (owasp.projects owasp webappsec security.in.sdlc)
[Discover] [WEB SECURITY] Re: [Full-disclosure] noise about full-width encoding bypass? http://www.webappsec.org/lists/websecurity/archive/2007-05/msg00092.html (security)
[Discover] Web Security Blog: ModSecurity Cookie and Link Protection Patch http://www.modsecurity.org/blog/archives/2006/08/modsecurity_coo.html (apache security webappsec)
[Discover] [MX Injection : Capturing and Exploiting Hidden Mail Servers] Web Security Articles - Web ... http://www.webappsec.org/projects/articles/121106.shtml (mx pentest injection security)
[Discover] [SQL Injection] Threat Classification - Web Application Security Consortium http://www.webappsec.org/projects/threat/classes/sql_injection.shtml (sql injection security)
[Discover] Security Developer Center: Security: Webcasts http://msdn2.microsoft.com/en-us/security/aa570424.aspx (microsoft webappsec ajax screencast)
[Discover] Further Obscure HTTP Server Identities > F5 DevCentral > Documentation and Tips http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=14 (webappsec security.webserver security)
[Discover] mario.heideri.ch - alert(1) http://mario.heideri.ch/ (xss webappsec)
[Discover] Ben Ramsey » Talks http://benramsey.com/talks/ (php security benramsey webappsec)
[Discover] SOA Security http://www.manning.com/kanneganti/ (security soa book saas)
[Discover] Top 10 2007-Where to Go From Here - OWASP http://www.owasp.org/index.php/Top_10_2007-Where_to_Go_From_Here (security.favorites owasp webappsec security.in.sdlc)
[Discover] Fortify Software resources on application security http://www.fortifysoftware.com/security-resources/implementing.jsp (webappsec security.in.sdlc security.interviews security.white.papers)
[Discover] [Common Security Problems in the Code of Dynamic Web Applications] Web Security Articles - Web ... http://www.webappsec.org/projects/articles/062105.shtml (security design programming techarticles)
[Discover] Identity Fraud Survey Report—How Consumers Can Protect Themselves http://www.acxiom.com/AppFiles/Download18/Javelin_ID_Theft_Consumer_Report-627200734724.pdf (webappsec security.offline.banking identity.theft security)
[Discover] What is first - Business or Security? http://www.roer.com/security/archive/2007/november/what_is_first_business_or_security (security biometrics people risk.management)
[Discover] Re: [WEB SECURITY] Website / Database Security Architecture - Best Practices ... http://www.webappsec.org/lists/websecurity/archive/2006-09/msg00101.html (web.security web.app.security webserver.security security)
[Discover] DOM Based Cross Site Scripting http://www.webappsec.org/projects/articles/071105.html (security xss javascript dom)
[Discover] JavaOne Technical Sessions - Twelve Java Technology Security Traps and How to Avoid Them http://developers.sun.com/learning/javaoneonline/j1sessn.jsp?sessn=TS-1660&yr=2006&track=cor ... (java infosec security.favorites security.java)
[Discover] Category:OWASP Enterprise Security API - OWASP http://www.owasp.org/index.php/ESAPI (owasp security hack java)
[Discover] Web Security Mailing Lists - Archive http://www.webappsec.org/lists/websecurity/archive/ (web.attacks web.security web.secure.programming web.app.security)
[Discover] Web application security reference http://www.webappsec.org/projects/threat/classes_of_attack.shtml (reference security webdev)
[Discover] Web Application Security Testing http://www.testinggeek.com/webappsec-6.asp (testing security)
[Discover] OWASP Application Security Search Engine http://www.owasp.org/google/results.html (google security owasp webappsec)
[Discover] .:[ packet storm ]:. - http://packetstormsecurity.org/ http://packetstormsecurity.org/Crackers/wordlists/ (security password security.cracking.utilities webappsec.username.enumeration)
[Discover] Web Application Security Consortium - Web hacking Incidents Database (WHID) - Statistics http://www.webappsec.org/projects/whid/statistics.shtml (security hacking infosec statistics)
[Discover] Glossary - Web Application Security Consortium http://www.webappsec.org/projects/glossary/#WebApplicationVulnerabilityScanner (security glossary)
[Discover] Web Security Interview Questions http://www.webappsec.org/documents/web_security_interview_question.shtml (interview security jobs career)
[Discover] w3af, the Web Application Attack and Audit Framework | Dragos Lungu Dot Com http://www.dragoslungu.com/2007/06/15/w3af-the-web-application-attack-and-audit-framework/ (webappsec framework scanner)
[Discover] Projects - Web Application Security Consortium http://www.webappsec.org/projects/ (security)
[Discover] Know your Enemy: Web Application Threats http://honeynet.org/papers/webapp/ (security development honeypot webdevelopment)
[Discover] Neil Carpenter's Blog : Anatomy of a SQL Injection Incident, Part 2 http://blogs.technet.com/neilcar/archive/2008/03/15/anatomy-of-a-sql-injection-incident-part-2-meat. ... (injection sql security asp)
[Discover] Larry Osterman's WebLog : When you're analyzing the strength of a password, make sure you know what' http://blogs.msdn.com/larryosterman/archive/2007/11/12/when-you-re-analyzing-the-strength-of-a-passw ... (security blogs passwords security.passwords)
[Discover] [WEB SECURITY] Write-up by Amit Klein: "Forging HTTP request headers with Flash" http://www.webappsec.org/lists/websecurity/archive/2006-07/msg00069.html (security flash javascript scripting)