Web application security -- How to prevent attacks

Types of attacks



Before you can protect your Web application, you need to know what you're protecting it from. Learn what attacks are most prevalent and the damage they can do.

  Cross-site scripting: XSS: 1 - 3 of 4

Jeremiah Grossman on the pervasive nature of XSS
SearchSoftwareQuality.com | 13 Jun 2007
Q&A INTERVIEW - Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, talks about his new book, Cross Site Scripting Attacks: XSS Exploits and Defense; how developers and users can defend themselves against XSS;...
XSS prevention in Java
Expert: Ramesh Nagappan | 25 Sep 2006
EXPERT RESPONSE - Cross-site scripting exploits can devastate Java apps. With XSS attacks on the rise, expert Ramesh Nagappan explains how to prevent these exploits in J2EE applications through proper input validation and other methods.
Guarding against XSS in ASP.NET
Expert: Dan Cornell | 06 Jul 2006
EXPERT RESPONSE - Expert Dan Cornell explains how to use the tools available in ASP.NET to prevent cross-site scripting (XSS) attacks.

  SQL injection: 1 - 3 of 4

SQL injection: Developers fight back
SearchSoftwareQuality.com | 06 Apr 2006
TIP - SQL injection attacks are a popular threat against application security. Anurag Agarwal provides 10 steps developers can use to secure their Web applications against SQL injection.
SQL injection: Secure your Web applications
SearchSoftwareQuality.com | 22 Aug 2006
TIP - SQL injection exploits wreak havoc on vulnerable Web sites. Expert Caleb Sima explains how to protect your applications against these popular and destructive injection attacks.
Ways to automate SQL injection testing
SearchSoftwareQuality.com | 19 Jun 2006
TIP - Manual testing for SQL injection requires much effort with little guarantee that you'll find every vulnerability. CISSP Kevin Beaver offers a better way: automated SQL injection testing.

  Cross-site request forgery: CSRF or XSRF: 1 - 3 of 3

Cross-site request forgery: How this Web exploit works
Expert: Jeremiah Grossman | 16 Nov 2006
EXPERT RESPONSE - Cross-site request forgery is a major threat to Web security, and most Web sites aren't equipped to handle this exploit. Expert Jeremiah Grossman explains how CSRF works.
Application threats: CSRF, injection attacks and cookie replay
SearchSoftwareQuality.com | 16 Nov 2006
GENERIC - Web application exploits come in a variety of forms. There are a few that stand out: XSS, for example. But what about XSRF, which is only recently garnering the press it deserves? There are comparatively few resources...
CSRF attack vector with Ajax serialization
SearchSoftwareQuality.com | 18 Dec 2006
TIP - Web 2.0 applications are increasingly at risk to cross-site request forgery (CSRF) attacks. Shreeraj Shah explains what those risks are and how you can prevent such attacks.

  XPath injection: 1 - 3 of 3

How to prevent XPath injection
SearchSoftwareQuality.com | 11 Feb 2008
TIP - Parameterization and input validation are invaluable to application security. Which method is best for preventing XPath injection attacks? Chris Eng explains.
Understanding XPath injection
Expert: Rami Jaamour | 31 Oct 2006
EXPERT RESPONSE - XPath injection is similar to SQL injection and other injection attacks, but this XML exploit has its own unique set of issues. Web services expert Rami Jaamour details how these exploits work -- and how you can avoid...
Malicious code injection: It's not just for SQL anymore
SearchSoftwareQuality.com | 19 Oct 2006
TIP - Injection attacks are ubiquitous, and SQL injection is only one version of the exploit. S.P.I. Dynamics' Bryan Sullivan describes these attacks and how to prevent them.
All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy