Category:OWASP Access Control Rules Tester Project
From OWASP
| PROJECT IDENTIFICATION | |||||||
|---|---|---|---|---|---|---|---|
| Project Name | OWASP Access Control Rules Tester Project | ||||||
| Short Project Description | I believe that web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed. | ||||||
| Key Project Information | Project Leader Andrew Petukhov | Project Contributors (if applicable) | Mailing List Subscribe here Use here | License GNU General Public License v2 | Project Type Tool | Sponsors OWASP SoC 08 | |
| Release Status | Main Links | Related Projects |
|---|---|---|
|
PPT Presentation |
If any, add link here |
This category currently contains no pages or media.
