Difference between revisions of "OWASP Newsletter 13"

From OWASP
(Featured Project: CSRFTester)
m (Updated pages)
 
(3 intermediate revisions by one user not shown)
Line 32: Line 32:
 
== Featured Project: CSRFTester ==
 
== Featured Project: CSRFTester ==
  
OWASP recently came out with the CSRFTester Project, which attempts to give developers the ability to test their applications for CSRF flaws.
+
OWASP recently came out with the CSRFTester Project, which attempts to give developers the ability to test their applications for CSRF flaws.  Cross-Site Request Forgery (CSRF) is a program that tricks a victim into loading a page that contains a malicious request, such as changing personal information or purchasing something the victim is not aware of.
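Review bot: The sentence added to the CSRFTester paragraph defines Cross-Site Request Forgery as "a program that tricks a victim", but CSRF is an attack, not a program. Suggest "Cross-Site Request Forgery (CSRF) is an attack that tricks a victim into loading a page that contains a malicious request". The closing clause "purchasing something the victim is not aware of" would also read more clearly as "making a purchase without the victim's knowledge".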
  
  
Line 50: Line 50:
 
* [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2008_-_Belgium/CFTP OWASP AppSec Europe 2008-Belgium/CFTP]
 
* [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2008_-_Belgium/CFTP OWASP AppSec Europe 2008-Belgium/CFTP]
 
* [http://www.owasp.org/index.php/Google_Web_Toolkit Google Web Toolkit]
 
* [http://www.owasp.org/index.php/Google_Web_Toolkit Google Web Toolkit]
 +
* [http://www.owasp.org/index.php/NewBrunswick New Brunswick]
  
 
==== Updated pages====  
 
==== Updated pages====  
 
Updated chapter pages:
 
Updated chapter pages:
  
 +
* [http://www.owasp.org/index.php/Sweden Sweden]
 +
* [http://www.owasp.org/index.php/Denver Denver]
 
* [http://www.owasp.org/index.php/Cleveland Cleveland]
 
* [http://www.owasp.org/index.php/Cleveland Cleveland]
 
* [http://www.owasp.org/index.php/Germany Germany]
 
* [http://www.owasp.org/index.php/Germany Germany]
Line 74: Line 77:
 
Other pages:
 
Other pages:
  
 +
* [http://www.owasp.org/index.php/OWASP_Australia_AppSec_2008_Conference/Agenda OWASP Australia AppSec 2008 Conference/Agenda]
 
* [http://www.owasp.org/index.php/Front_Range_Web_Application_Security_Summit_Planning_Page Front Range Web Application Security Summit Plannng Page]
 
* [http://www.owasp.org/index.php/Front_Range_Web_Application_Security_Summit_Planning_Page Front Range Web Application Security Summit Plannng Page]
 
* [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference OWASP NYC AppSec 2008]
 
* [http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference OWASP NYC AppSec 2008]
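Review bot: The link label on the Front Range Web Application Security Summit line just below the added Australia agenda entry reads "Plannng Page", while its URL spells "Planning_Page". Suggest correcting the label to "Planning Page" while this list is being edited.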
Line 88: Line 92:
 
==== New Documents & Presentations from chapters====  
 
==== New Documents & Presentations from chapters====  
  
For a complete list of chapter presentations see [[OWASP_Education_Presentation|the online table of presentations]].
+
* [https://www.owasp.org/images/5/53/Introduction_to_OWASP.pdf Introduction to OWASP]
  
 +
For a complete list of chapter presentations see [[OWASP_Education_Presentation|the online table of presentations]].
  
 
== OWASP references in the Media==
 
== OWASP references in the Media==

Latest revision as of 11:23, 8 February 2008


OWASP Newsletter #13 (08-Feb-2008)

Welcome to the 13th edition of the OWASP Newsletter, featuring OWASP Books and the CSRFTester Project.


As always, if you have any content to add to the next edition, please feel free to add it directly to its WIKI page OWASP Newsletter 14.


Alison McNamee - OWASP Operations Director - Alison.mcnamee@owasp.org

Featured Item: OWASP Books Available

OWASP has 10 books that are available for free download, or to purchase (prices range from $5.81 - $17.44). The current books available are:

  • OWASP Clasp v1.2
  • OWASP Top 10
  • OWASP Top 10 - Testing - Legal
  • OWASP WebGoat and WebScarab
  • OWASP Code Review
  • OWASP Evaluation and Certification Criteria
  • OWASP Top 10 - Ruby on Rails version
  • OWASP SpoC 2007
  • OWASP World
  • OWASP Guide 2.0


If you would like to download or order, please go to Lulu!


OWASP Books are provided at cost, and OWASP is not making a profit.


Featured Project: CSRFTester

OWASP recently came out with the CSRFTester Project, which attempts to give developers the ability to test their applications for CSRF flaws. Cross-Site Request Forgery (CSRF) is an attack that tricks a victim into loading a page that contains a malicious request, such as changing personal information or making a purchase without the victim's knowledge.


If you would like to download the latest OWASP CSRFTester 1.0 binary and startup script Click Here

If you would like to download the latest OWASP CSRFTester 1.0 source and binary Click Here


To learn more about this project, please visit the Project Home Page.

Latest additions to the WIKI

New Pages

Updated pages

Updated chapter pages:


Other pages:

New Documents & Presentations from chapters

For a complete list of chapter presentations see the online table of presentations.

OWASP references in the Media