LII:Web Application Security Guide

From LIMSWiki

Revision as of 18:42, 9 February 2022 by Shawndouglas (talk | contribs) (Cats)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Web Application Security Guide

Originally written by: Jan Schejbal and others
Transferred by: Shawn Douglas
Under the license: Creative Commons Attribution-ShareAlike 3.0 Unported

Table of contents

Opening comments

Miscellaneous points

File inclusion and disclosure

File upload vulnerabilities

Cross-site scripting (XSS)

XML and internal data escaping

XML, JSON and general API security

(Un)trusted input

Cross-site request forgery (CSRF)

Insecure data transfer

Session fixation

Session stealing

Truncation attacks, trimming attacks

Password security

Comparison issues

PHP-specific issues

Prefetching and spiders

SSL, TLS and HTTPS basics

Further reading

Retrieved from "https://www.limswiki.org/index.php?title=LII:Web_Application_Security_Guide&oldid=46208"

Guides, white papers, and other publications

Navigation menu