uncleflo
Registered since September 28th, 2017
Has a total of 4246 bookmarks.
Showing top Tags within 4 bookmarks
howto information development guide reference administration design website software solution service product online business uk tool company linux code server system application web list video marine create data experience description tutorial explanation technology build blog article learn world project boat download windows security lookup free performance javascript technical network control beautiful support london tools course file research purchase library programming image youtube example php construction html opensource quality install community computer profile feature power browser music platform mobile user process work database share manage hardware professional buy industry internet dance advice installation developer 3d search access customer material camera travel test standard review documentation css money engineering develop webdesign engine device photography digital api speed source program management phone discussion question event client story simple water marketing yacht app content setup package fast idea interface account communication cheap compare script study market live easy google resource operation startup monitor training
Tag selected: owasp.
Looking up owasp tag. Showing 4 results. Clear
OWASP Zed Attack Proxy Project
Saved by uncleflo on June 22nd, 2018.
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.
owasp proxy attack hacker hacking automation check pentesting experience application develop test vulnerability scan browser international world popular tool security continuous delivery
OWASP - Web Application Security Testing Cheat Sheet
Saved by uncleflo on June 27th, 2017.
This checklist is intended to be used as an aide memoire for experienced pentesters and should be used in conjunction with the OWASP Testing Guide. It will be updated as the Testing Guide v4 is progressed. The intention is that this guide will be available as an XML document, with scripts that convert it into formats such as pdf, Media Wiki markup, HTML etc. This will allow it to be consumed within security tools as well as being available in a format suitable for printing. All feedback or offers of help will be appreciated - and if you have specific changes you think should be made, please log in and make suggestions.
owasp security application checklist prevention technical development cheatsheet online information security information prevent preventative website administration harden guide community script experience offer production internet tool
owasp-esapi-php - Project Hosting on Google Code
Saved by uncleflo on February 22nd, 2015.
Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security‐related design and implementation flaws.
esapi owasp php security google code development safe net host project hole toolkit software server hack design implementation enterprise control flaw
XSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP
Saved by uncleflo on January 20th, 2015.
This article provides a simple positive model for preventing XSS using output escaping/encoding properly. While there are a huge number of XSS attack vectors, following a few simple rules can completely defend against this serious attack. This article does not explore the technical or business impact of XSS. Suffice it to say that it can lead to an attacker gaining the ability to do anything a victim can do through their browser. Both reflected and stored XSS can be addressed by performing the appropriate validation and escaping on the server-side. DOM Based XSS can be addressed with a special subset of rules described in the DOM based XSS Prevention Cheat Sheet. For a cheatsheet on the attack vectors related to XSS, please refer to the XSS Filter Evasion Cheat Sheet. More background on browser security and the various browsers can be found in the Browser Security Handbook.
hacking scripting prevention cheat sheet owasp cross XSS rule guideline properly attack vector explore technical browser business output escape ecode serious security model filter evasion ability impact defend information administration development howto reference
No further bookmarks found.