Category:OWASP Flash Security Project

Overview
OWASP Flash Security Project is an open project for sharing a knowledge base in order to raise awareness around the subject of Flash applications security.

Goals
The OWASP Flash Security Project aims is to produce guidelines and tools around Flash Security

Tools
Flash security testing SWFIntruder

Third-party Libraries
AS3Crypto - An ActionScript 3.0 cryptography library.

as3corelib - An Adobe sponsored Google code project that contains ActionScript 3.0 implementations of WS-Security, SHA, MD5 and other utilities.

White Papers
[1] Testing Flash Applications ppt, Stefano Di Paola, Owasp Appsec 2007, 17th May 2007, Milan (Italy).

[2] Finding Vulnerabilities in Flash Applications ppt, Stefano Di Paola, Owasp Appsec 2007, 15th November 2007, San Jose CA (USA)

Articles
[1] Creating more secure SWF web applications, Peleus Uhley, Adobe Developer Center article on secure ActionScript programming practices.

Project Contributors
The Flash Security project is run by Stefano Di Paola. He can be contacted at stefano.dipaola AT mindedsecurity.com.

Project Sponsors
The Flash Security project is sponsored by http://www.owasp.org/images/f/fe/MindedLogo.PNG