Book:Web Application Security: A Comprehensive Overview

From LIMSWiki
Jump to navigationJump to search
Web Application Security
A Comprehensive Overview
File:OWASP Logo.png
This is a LIMSwiki book, a collection of LIMSwiki articles that can be easily saved, rendered electronically, and ordered as a printed book.

Edit this book: Book Creator · Wikitext
Select format to download:

PDF (A4) · PDF (Letter)

Order a printed copy from these publishers: PediaPress
Start ] [ FAQ ] [ Basic help ] [ Advanced help ] [ Feedback ] [ Recent Changes ]


Web Application Security: A Comprehensive Overview

This volume provides a comprehensive overview of "common web application security issues and methods how to prevent them." The content originates from the associated Wikibook, found here, and is made available under the Creative Commons Attribution-ShareAlike 3.0 Unported license. The original was cut into numerous short chapters and also published in a one-page print-friendly format. The latter is the version used here. A content listing is included for your convenience.

1. Intro and checklist
2. Miscellaneous points
3. File inclusion and disclosure
4. File upload vulnerabilities
5. SQL injection
6. Cross-site scripting (XSS)
7. XML and internal data escaping
8. XML, JSON and general API security
9. (Un)trusted input
10. Cross-site request forgery (CSRF)
11. Clickjacking
12. Insecure data transfer
13. Session fixation
14. Session stealing
15. Truncation attacks, trimming attacks
16. Password security
17. Comparison issues
18. PHP-specific issues
19. Prefetching and Spiders
20. Special files
21. SSL, TLS and HTTPS basics
22. Further reading
23. Authors
Web Application Security: A Comprehensive Overview