Tag Archives: OWASP

Tools – WebScareb and Penetration Testing

Source: OWASP Welcome to the WebScarab (Next Generation) Project WebScarab NG is a robust tool that assists the user in penetration test. This is a complete rewrite of the old WebScarab application, with a special focus on making the application more user-friendly. WebScarab-NG is a complete rewrite of the old WebScarab application, with a special focus on making… Read More »

Comprehensive, Lightweight Application Security Process (CLASP)

Source: OWASP CLASP (Comprehensive, Lightweight Application Security Process) provides a well-organized and structured approach for moving security concerns into the early stages of the software development lifecycle, whenever possible. CLASP is actually a set of process pieces that can be integrated into any software development process. It is designed to be both easy to adopt and effective. It… Read More »

A Guide to Building Secure Web Applications and Web Services

Source: OWASP We have re-written Guide from the ground up, dealing with all forms of web application security issues, from old hoary chestnuts such as SQL injection, through modern concerns such as phishing, credit card handling, session fixation, cross-site request forgeries, and compliance and privacy issues. In Guide 2.0, you will find details on securing most forms of… Read More »

The OWASP Top 10 Web Application Security Risks for 2010

The OWASP Top 10 Web Application Security Risks for 2010 are: You can download the pdf version here. Welcome to the OWASP Top 10 2010! This significant update presents a more concise,risk focused list of the Top 10 Most Critical Web Application Security Risks. The OWASP Top 10 has always been about risk, but this update makes this… Read More »

OWASP Prevention Cheat Sheet Series

Source: OWASP Overview The OWASP Prevention Cheat Sheet Series was created to provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by multiple application security experts and provide excellent security guidance in an easy to read format. Cheat Sheets The following cheat sheets are currently available. OWASP Cheat… Read More »