Difference between revisions of "LII:Web Application Security Guide"

From LIMSWiki
Jump to navigationJump to search
(Created as needed.)
 
m (Protected "LII:Web Application Security Guide" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)))

Revision as of 21:52, 10 August 2016

Web Application Security Guide

Originally written by: Jan Schejbal and others
Transferred by: Shawn Douglas
Under the license: Creative Commons Attribution-ShareAlike 3.0 Unported

Table of contents

Opening comments
Checklist
Miscellaneous points
File inclusion and disclosure
File upload vulnerabilities
SQL injection
Cross-site scripting (XSS)
XML and internal data escaping
XML, JSON and general API security
(Un)trusted input
Cross-site request forgery (CSRF)
Clickjacking
Insecure data transfer
Session fixation
Session stealing
Truncation attacks, trimming attacks
Password security
Comparison issues
PHP-specific issues
Prefetching and spiders
Special files
SSL, TLS and HTTPS basics
Further reading
Authors
Retrieved from "https://www.limswiki.org/index.php?title=LII:Web_Application_Security_Guide&oldid=26897"