
	Home > Application threats: CSRF, injection attacks and cookie replay

Learning Guide:

EMAIL THIS

Application threats: CSRF, injection attacks and cookie replay

16 Nov 2006 | SearchAppSecurity.com

Software quality news and advice

Digg This! StumbleUpon Del.icio.us

With Web applications making the 2006 SANS top 20 internet security attack targets list, it behooves us to concentrate on Web exploits. Web application exploits come in a variety of forms. There are a few that stand out: XSS, for example. But what about XSRF, which is only recently garnering the press is deserves?

There are comparatively little resources for less famous exploits. However,less famous does not mean less common. XSRF is positively everywhere. This learning guide includes tips, articles, white papers and expert advice on exploits that don't yet make the headlines. If you know of an article, tip, tool or method that should be included, send me an e-mail with the information and I'll be happy to add it. – Jennette Mullaney, assistant editor.

TABLE OF CONTENTS
   Cross-site request forgery
   Injection attacks
   SSI injection
   LDAP injection
   XPath injection
   Cookie replay
   Other Useful Resources

  Cross-site request forgery (XSRF)

[Return to Table of Contents]
This exploit goes by many names. Its two abbreviations, CSRF and XSRF, can stand either for cross-site request forgery or cross-site reference forgery. Even more confusing, the term session riding is sometimes used to describe this attack. What's certain, though, is that cross-site request forgery is a nasty, incredibly common vulnerability. And that's true no matter what you call it.

Definition: cross-site request forgery
Expert response: Cross-site request forgery: How this Web exploit works
Article: CSRF vulnerability: A 'sleeping giant'
Overview: Cross-site request forgery
White paper: Cross Site Reference Forgery: An introduction to a common Web application weakness
Article: Security Corner: Cross-site request forgeries
Article: You know about XSS. How about XSRF/CSRF?
Article: Session riding
Article: Cross-site request forgery
Article: Cross site request forgery
Article: Cross-site request forgeries

Injection Attacks

[Return to Table of Contents]
Everyone knows about SQL injection, but injection attacks are by no means exclusive to SQL. Injection attacks have many similarities and some major differences. The following is a collection of general tips and profiles of three injection attacks you might not be aware of.

Tip: Malicious code injection: It's not just for SQL anymore
Q&A: One simple rule to make your Web apps more secure
Podcast: Injection attacks -- Knowledge and prevention
Tip: The importance of input validation
Book excerpt: Hacking Exposed Web Applications -- Input Validation Attacks

SSI injection

[Return to Table of Contents]

Definition: SSI injection
Threat classification: SSI injection
Podcast: What is SSI injection?
IT Knowledge Exchange: What is SSI injection

LDAP injection

[Return to Table of Contents]

Definition: LDAP injection
Expert response: How to avoid LDAP injection in J2EE apps
White paper: LDAP Injection: Are your Web applications vulnerable?
Threat classification: LDAP injection
Article: OWASP Guide to Building Secure Web Applications and Web Services: Authentication
Article: Preventing LDAP injection in Java
Overview: LDAP injection
Blog: LDAP injection overview
Article: LDAP injection

XPath injection

[Return to Table of Contents]

Definition: XPath injection
Expert Response: Understanding XPath injection
Expert Response: What is XPath injection?
Article: XML injection
Article: XPath injection testing
White paper: Blind XPath Injection
Article: XPath injection in XML databases
Article: Mitigating XPath injection attacks in .NET, in XML
Tip: Manage XML data sets for security
Article: Does XML give away the keys to the warehouse?

Cookie replay

[Return to Table of Contents]
Cookies contain sensitive information, and when they fall into the wrong hands they can do serious damage.

Definition: cookie
Tip: How to secure session tokens
Definition: session hijacking
Definition: transient cookie
Definition: session ID
Definition: session prediction
Definition: session replay
Article: The FormsAuthentication.SignOut method does not prevent cookie reply attacks in ASP.NET applications
Article: Understand how the ASP.NET Cookieless feature works
White paper: A Secure Cookie Protocol
Article: 'Cookie' and 'Cookieless' state management options

Other useful resources

[Return to Table of Contents]

Expert advice on application security activities

Do you have a question about application security attacks? Our Application Security Activities expert Jeff Williams may have the answer. Read advice he has given or submit your own questions.

Send in your suggestions
Are there other topics you'd like to see learning guides on? Send assistant editor Jennette Mullaney an e-mail at jmullaney@techtarget.com and let her know what they are.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Cross-site request forgery: CSRF or XSRF
	CSRF attack vector with Ajax serialization
	Cross-site request forgery: How this Web exploit works

Building security into the SDLC (Software development life cycle)

Problems caused by skipping analysis stage of SDLC

Inexpensive phase of SDLC to catch and fix bugs

GatherSpace beefs up cloud-based requirements management

ALM: Best of breed vs. complete systems

Software development life cycle phases, iterations, explained step by step

The role of quality assurance (QA) pros in software security

Common software security risks and oversights

Why the quality assurance department should be involved in testing

How to develop secure applications

Secure software development practices 'not rocket science'

Threat modeling

Web application security and the PCI DSS

The essentials of Web application threat modeling

How to implement security in Java EE and Java ME

Application security shouldn't involve duct tape, Band-Aids or bubble gum

Stop SQL injection attacks on applications

How to counter XSS attacks

Breaking the same origin barrier of JavaScript

Protection against "zero-minute" exploits

Denial of service and Ajax

CSRF attack vector with Ajax serialization

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Software Quality Testing - Research and White Papers

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2006 - 2009, TechTarget \| Read our Privacy Policy