uncleflo
Registered since September 28th, 2017
Has a total of 4281 bookmarks.
Showing top Tags within 4 bookmarks
howto information development guide reference administration design website software solution service online product business uk tool company linux code server application system web list video marine create data experience tutorial description learn explanation technology build article blog world project boat download windows lookup security free performance javascript technical london control network beautiful tools support course file research purchase image library programming youtube example php opensource construction install community html quality feature profile computer power browser music platform mobile process work manage professional user share database hardware buy industry internet dance advice developer installation 3d search camera access customer travel material standard money test develop css review documentation photography engineering webdesign engine digital device speed api source event program question management client phone discussion water story content simple marketing yacht app account setup idea interface package fast communication cheap compare script market study easy live google resource operation demonstration startup monitor
Tag selected: owasp.
Looking up owasp tag. Showing 4 results. Clear
OWASP Zed Attack Proxy Project
Saved by uncleflo on June 22nd, 2018.
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.
owasp proxy attack hacker hacking automation check pentesting experience application develop test vulnerability scan browser international world popular tool security continuous delivery
OWASP - Web Application Security Testing Cheat Sheet
Saved by uncleflo on June 27th, 2017.
This checklist is intended to be used as an aide memoire for experienced pentesters and should be used in conjunction with the OWASP Testing Guide. It will be updated as the Testing Guide v4 is progressed. The intention is that this guide will be available as an XML document, with scripts that convert it into formats such as pdf, Media Wiki markup, HTML etc. This will allow it to be consumed within security tools as well as being available in a format suitable for printing. All feedback or offers of help will be appreciated - and if you have specific changes you think should be made, please log in and make suggestions.
owasp security application checklist prevention technical development cheatsheet online information security information prevent preventative website administration harden guide community script experience offer production internet tool
owasp-esapi-php - Project Hosting on Google Code
Saved by uncleflo on February 22nd, 2015.
Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security‐related design and implementation flaws.
esapi owasp php security google code development safe net host project hole toolkit software server hack design implementation enterprise control flaw
XSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP
Saved by uncleflo on January 20th, 2015.
This article provides a simple positive model for preventing XSS using output escaping/encoding properly. While there are a huge number of XSS attack vectors, following a few simple rules can completely defend against this serious attack. This article does not explore the technical or business impact of XSS. Suffice it to say that it can lead to an attacker gaining the ability to do anything a victim can do through their browser. Both reflected and stored XSS can be addressed by performing the appropriate validation and escaping on the server-side. DOM Based XSS can be addressed with a special subset of rules described in the DOM based XSS Prevention Cheat Sheet. For a cheatsheet on the attack vectors related to XSS, please refer to the XSS Filter Evasion Cheat Sheet. More background on browser security and the various browsers can be found in the Browser Security Handbook.
hacking scripting prevention cheat sheet owasp cross XSS rule guideline properly attack vector explore technical browser business output escape ecode serious security model filter evasion ability impact defend information administration development howto reference
No further bookmarks found.