Difference between revisions of "Podcast 8"

From OWASP
(OWASP AppSec News)
Line 13: Line 13:
 
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project<br/>
 
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project<br/>
 
http://michael-coates.blogspot.com/2009/02/xss-prevention.html<br/>
 
http://michael-coates.blogspot.com/2009/02/xss-prevention.html<br/>
 +
While many of you may be familiar with the ha.ckers.org RSnake XSS Cheat Sheet, Michael Coates talks about the advantages of the OWASP XSS Prevention Cheat Sheet.  He says it's cool because it addresses: Injecting Up vs Injecting Down, Attribute Escaping, Javascripting Escaping, CSS Escaping, and URL Escaping<br/ >
 
http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx<br />
 
http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx<br />
 
http://denimgroup.typepad.com/denim_group/2009/01/owasp-san-antonio-slide-deck-online.html<br/ >
 
http://denimgroup.typepad.com/denim_group/2009/01/owasp-san-antonio-slide-deck-online.html<br/ >
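Review bot: the added line writes "Javascripting Escaping" in its list of topics; "JavaScript Escaping" matches the neighbouring "Attribute Escaping" and "CSS Escaping". The same line ends in `<br/ >`, with a space before the closing bracket, while the lines directly above it use `<br/>`. The denimgroup context line carries the same malformed ending, so pick one form and apply it to both.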

Revision as of 14:11, 8 February 2009

OWASP Podcast Series #8

OWASP NEWS
Recording TBD


OWASP AppSec News

http://www.suspekt.org/2009/02/06/some-facts-about-the-phplist-vulnerability-and-the-phpbbcom-hack/
http://hackedphpbb.blogspot.com/2009/01/place-holder.html
http://www.owasp.org/index.php/Category:OWASP_Scrubbr
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
http://michael-coates.blogspot.com/2009/02/xss-prevention.html
While many of you may be familiar with the ha.ckers.org RSnake XSS Cheat Sheet, Michael Coates talks about the advantages of the OWASP XSS Prevention Cheat Sheet. He says it's cool because it addresses: Injecting Up vs Injecting Down, Attribute Escaping, JavaScript Escaping, CSS Escaping, and URL Escaping.
http://blogs.msdn.com/sdl/archive/2009/01/27/sdl-and-the-cwe-sans-top-25.aspx
http://denimgroup.typepad.com/denim_group/2009/01/owasp-san-antonio-slide-deck-online.html
http://keepitlocked.net/archive/2009/01/27/socalcodecamp-presentation-quot-top-ten-tips-for-tenacious-defense-for-asp-net-application-quot.aspx
http://www.cgisecurity.com/2009/01/web-application-scanners-comparison.html
http://shreeraj.blogspot.com/2009/01/infosecworld-08-presenting-research.html
http://www.cigital.com/justiceleague/2009/01/22/let-the-posturing-begin/
http://nickcoblentz.blogspot.com/2009/01/owasps-xss-prevention-cheat-sheet.html
http://jobsearchtech.about.com/od/educationfortechcareers/g/CSSLP.htm
http://ounceopen.squarespace.com
http://research.zscaler.com