OWASP Backend Security Project

From OWASP
Jump to: navigation, search

Contents

Introduction

1.1 About OWASP Backend Security Project

1.2 Contributors

OWASP Backend Security Project (Development)

2.1 Overview

2.2 SQL Injection (100%, OWASP wiki)

2.3 LDAP Injection (100%, OWASP wiki)

2.4 JAVA Backend Security programming (0%, Francesco Perna)

2.4.1 JAVA preventing SQL Injection

2.4.2 JAVA preventing LDAP Injection

2.5 PHP Backend Security programming (60%, Daniele Bellucci) ***(alpha version)***

2.5.1 PHP preventing SQL Injection

2.5.2 PHP preventing LDAP Injection

2.6 .NET Backend Security programming (80%, Guido Pederzini) ***(alpha version)***

2.6.1 .NET preventing SQL Injection

2.6.2 .NET preventing LDAP Injection

OWASP Backend Security Project (Hardening)

3.1 Overview

3.2 DBMS

3.2.1 Oracle Hardening (40%, Pasquale De Rinaldis, Angelo dell'Aera) ***(alpha version)***

3.2.2 SQL Server Hardening (30%, Guido Pederzini)

3.2.3 DB2 Hardening (60%, Giuseppe Gottardi) ***(alpha version)***

3.2.4 MySQL Hardening (70%, Erik Sonnleitner)

3.2.5 PostgreSQL Hardening (0%, Maurizio Agazzini)

3.3 LDAP

3.3.1 OpenLDAP Hardening (0%, Daniele Bellucci)

OWASP Backend Security Project (Testing)

4.1 Overview

4.2 Database security testing (40%, Daniele Bellucci) ***(alpha version)***

4.2.1 DBMS Fingerprinting (70%, Daniele Bellucci) ***(alpha version)***

4.2.2 Testing Oracle (100%, Testing Guide)

4.2.3 Testing SQL Server (100%, Testing Guide)

4.2.4 Testing MySQL (100%, Testing Guide)

4.2.5 Testing PostgreSQL (80%, Daniele Bellucci) ***(alpha version)***

4.3 LDAP security testing (100%, Testing Guide)

4.4 Tools (50%, Fabio Mattiussi, Simone Savi) ***descriptions (alpha version)***