Tags: java + security

  1. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoa
    01-06-2011 to , by matze
  2. If it were up to hackers, they would prefer to leave no traces at all. An XSRF attack (Cross-Site Request Forgery, XSRF, CSRF) is based on forged requests that are executed because the web server ... a supposedly authenticated
  3. Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user’s Web browser to perform an unwanted action on a trusted site for which the user is currently authenticat
  4. This is the start of a short series outlining the topic of “web security”. Using concrete attack scenarios, I will cover the techniques XSS, session hijacking + session fixation, SQL injection and CSRF. We lay the foundation with
  5. Details on CSRF protection in CodeIgniter 2.0. Cross Site Request Forgery (CSRF) is one of the most widespread vulnerabilities in web applications. As announced, CodeIgniter 2.0 will include built-in CSRF protection. I would now like to
  6. ModSecurity Content Injection Demo: XSS Defense with Active Content Signatures. The purpose of this demo is to show possible XSS defenses by using ModSecurity's Content Injection capability to insert defensive JavaScript to the beginning of HTML responses.
  7. In last week's post on Identifying Improper Output Handling, we showed a method to use ModSecurity to identify if client request data is echoed back in html responses thus identifying a potential XSS vector. While this can prove useful to a large chunk
    19-05-2011 to , by matze
  8. Have you ever had the need for higher security in one of your applications? Then you are probably familiar with the following topic. If not, I am going to tell you a little bit about attacks and web application security before we move over to implement a
  9. Web Services Analysis Tool analyzes and reports problems in SOAP messages and schema in Web Services Description Language. While developing Web services, developers need to set up application servers and deploy Web services applications to the servers in
    19-05-2011 to , , by matze
  10. WS-Attacks.org is not a new web service standard by the OASIS Group or W3C; instead it presents the flaws of today's web service standards and implementations in regard to web service security! WS-Attacks.org aims at delivering the most comprehensive enu
    19-05-2011 to , , by matze