Difference between revisions of "OWASP Security Blitz"

From OWASP
Jump to: navigation, search
(May - Cross Site Scripting)
(May - Cross Site Scripting)
Line 17: Line 17:
 
# [http://ha.ckers.org/xss.html XSS cheat sheet] (Breaker)
 
# [http://ha.ckers.org/xss.html XSS cheat sheet] (Breaker)
 
# [https://developer.mozilla.org/en/Introducing_Content_Security_Policy Content Security Policy] (Builder)
 
# [https://developer.mozilla.org/en/Introducing_Content_Security_Policy Content Security Policy] (Builder)
 +
# [https://www.owasp.org/index.php/DOM_Based_XSS Dom Based XSS]
 +
# [https://www.owasp.org/index.php?title=DOM_based_XSS_Prevention_Cheat_Sheet Dom Based XSS Prevention Cheat Sheet]

Revision as of 14:37, 5 May 2012

Contents

About

OWASP is starting a monthly security blitz where we will rally the security community around a particular topic. The topic may be a vulnerability, defensive design approach, technology or even a methodology. All members of the security community are encouraged to write blog posts, articles, patches to tools, videos etc in the spirit of the current monthly topic. Our goal is to show a variety of perspectives on the topic from the different perspectives of builders, breakers and defenders.


Monthly Security Topics

  • 2012 - April - SQL Injection
  • 2012 - May - Cross Site Scripting
  • 2012 - June - Access Control
  • 2012 - July - Mobile Security
  • 2012 - August - Threat Modeling

Articles/Contributions/Updates

Please add links to any stories, posts, articles, etc that are related to the current month

May - Cross Site Scripting

  1. OWASP XSS Prevention Cheat Sheet (Builder)
  2. XSS cheat sheet (Breaker)
  3. Content Security Policy (Builder)
  4. Dom Based XSS
  5. Dom Based XSS Prevention Cheat Sheet