 |
|
|
|
| 1 - 10 of 54 in Best Web Links |
|
<< Previous page 1 2 3 4 5 6 Next >> |
|
Getting started with threat modeling
J.D. Meier's Blog | 20 Dec 2007
BEST WEB LINK - Using threat modeling you can identify potential security issues to help you shape your application's security design. Not sure how to create a threat model? Here are some links to get you started.
Pro PHP security: Preventing SQL injection
PHPBuilder | 02 Nov 2006
BEST WEB LINK - Securing PHP code from SQL injection vulnerabilities is an important security step, and this book excerpt covers it from ...
Self-contained XSS attacks
GNUCITIZEN | 22 Sep 2006
BEST WEB LINK - This blog post offers insight into an oft-overlooked cross-site scripting attack vector. The author mentions several extremely popular sites that may be vulnerable to this XSS exploit. He also includes an example that clearly ...
Chris Shiflett: PHP and Web application security
Shiflett.org | 31 Aug 2006
BEST WEB LINK - Chris Shiflett knows his subject. This frequently updated blog (often there are several posts within one day) is a great source of information. Shiflett includes many links to other sites that may be of interest as well.
Avoiding buffer overflows
Apple Developer Connection | 23 May 2006
BEST WEB LINK - This article is part of Developer Connection's Secure Coding Guide, so there are plenty of code examples to follow. Here is an organized, graphic-filled tutorial on preventing these exploits. It explores the source of the ...
Bypassing script filters with variable-width encodings
Cheng Peng Su | 07 Aug 2006
BEST WEB LINK - The main problem of constructing XSS attacks is how to obfuscate malicious code. In this article Cheng Peng Su explains the concept of bypassing script filters with variable-width encodings and disclosing the applications of ...
Preventing LDAP injection in Java
OWASP | 10 Jul 2006
BEST WEB LINK - A short, specific and educational article on preventing LDAP injection. The author includes two code examples for guarding ...
Second-order code injection attacks (PDF)
NGS Software | 01 Nov 2004
BEST WEB LINK - Although very similar to first-order injection attacks, second-order attacks do not execute right away. In some ways, this paper purports, they are more dangerous than first-order injections. The author classifies these ...
Bypassing script filters with variable-width encodings
IT Observer | 14 Aug 2006
BEST WEB LINK - In this article, the author demonstrates an XSS attack on Web-based mail services. He uses Hotmail and Yahoo as primary examples, but the exploit has far-reaching consequences. By using this character coding scheme, hackers ...
XSS, cookies and session ID authentication: Three ingredients for a successful hack
Informit.com | 11 Aug 2006
BEST WEB LINK - This chapter excerpt is based upon a real-life cross-site scripting attack conducted by the author. The potential damage of an XSS attack should not be underestimated, and the author clearly demonstrates how much harm these ...
|
| 1 - 10 of 54 in Best Web Links |
|
<< Previous page 1 2 3 4 5 6 Next >> |
|
|
|
|
|
|
|
