Difference between revisions of "Research for SharePoint (MOSS)"

From OWASP
Jump to: navigation, search
Line 53: Line 53:
 
* [http://www.sharepointsecurity.com ARB Security Solutions (www.sharepointsecurity.com)]
 
* [http://www.sharepointsecurity.com ARB Security Solutions (www.sharepointsecurity.com)]
 
* [http://www.surety.com/Offerings/AbsoluteProof/For-MS-SharePoint.aspx AbsoluteProof for MS SharePoint] - related article [http://www.cmswire.com/cms/enterprise-cms/surety-releases-absoluteproof-for-sharepoint-002471.php Surety Releases AbsoluteProof for SharePoint]
 
* [http://www.surety.com/Offerings/AbsoluteProof/For-MS-SharePoint.aspx AbsoluteProof for MS SharePoint] - related article [http://www.cmswire.com/cms/enterprise-cms/surety-releases-absoluteproof-for-sharepoint-002471.php Surety Releases AbsoluteProof for SharePoint]
 +
 +
 +
== Dangerous MOSS APIs ==
 +
 +
Map the security implications of MOSS APIs, for example:
 +
*  which APIs (if badly used)are vulnerable to: XSS, CSRF, SQL Injection
 +
* configuration settings that have security implications
 +
 +
 +
== WebParts Security ==
 +
 +
* Security ratings & mappings of MOSS Deployed Web Parts
 +
* Security ratings & mappings of 3rd Part Web Parts

Revision as of 07:11, 4 January 2010

This page contains research notes on Microsoft's SharePoint MOSS and WSS

Resources

Microsoft resources

Other Resources and Documentation

Presentations

Other interesting resources

Other Blogs and Articles

Security related technical articles


Published Security issues

SharePoint related vulnerabilities and its status


MOSS Security related WebParts, Tools & services

Open Source

Commercially Supported


Dangerous MOSS APIs

Map the security implications of MOSS APIs, for example:

  • which APIs (if badly used)are vulnerable to: XSS, CSRF, SQL Injection
  • configuration settings that have security implications


WebParts Security

  • Security ratings & mappings of MOSS Deployed Web Parts
  • Security ratings & mappings of 3rd Part Web Parts