OWASP Testing Guide Appendix B: Suggested Reading - Revision history

Mmeucci at 09:18, 20 January 2017

2017-01-20T09:18:13Z

2014-05-14T10:08:18Z

Final edit

2013-11-08T21:01:46Z

2013-02-17T23:30:10Z

2013-02-17T23:16:45Z

2013-02-17T23:13:29Z

2012-11-21T16:46:47Z

2012-11-21T16:39:12Z

2012-11-21T16:38:42Z

2012-11-21T16:38:11Z

← Older revision		Revision as of 09:18, 20 January 2017
Line 127:		Line 127:

	* Web Security – Articles - http://www.acunetix.com/websitesecurity/articles/		* Web Security – Articles - http://www.acunetix.com/websitesecurity/articles/
		+
		+	* Testing Client Side Security issues: http://www.domxss.com


Line 169:		Line 171:

	* WebMaven (better known as Buggy Bank) - http://www.mavensecurity.com/WebMaven.php		* WebMaven (better known as Buggy Bank) - http://www.mavensecurity.com/WebMaven.php
		+
		+	* DOMXSS - JavaScript Security: http://www.domxss.com

@@ Line 20: / Line 20: @@
 * Use Cases: Just the FAQs and Answers – http://www.ibm.com/developerworks/rational/library/content/RationalEdge/jan03/UseCaseFAQS_TheRationalEdge_Jan2003.pdf
 [[Category:FIXME|broken link
 * ''Web Application Security is Not an Oxy-Moron, by Mark Curphey'' - http://www.sbq.com/sbq/app_security/index.html
 * ''The Security of Applications Reloaded'' - http://www.atstake.com/research/reports/acrobat/atstake_app_reloaded.pdf
 ==Books==
@@ Line 45: / Line 43: @@
 * Hacking Exposed: Web Applications 3, by Joel Scambray, Vinvent Liu, Caleb Sima, published by McGraw-Hill Osborne Media, ISBN 007222438X (2010) - http://www.webhackingexposed.com/
 * The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition - published by Dafydd Stuttard, Marcus Pinto, ISBN  9781118026472 (2011)
@@ Line 81: / Line 80: @@
 * Writing Secure Code, by Mike Howard and David LeBlanc, published by Microsoft Press, ISBN 0735617228 (2004) http://www.microsoft.com/learning/en/us/book.aspx?ID=5957&locale=en-us
 ==Useful Websites==
@@ Line 127: / Line 127: @@
 * Web Security – Articles - http://www.acunetix.com/websitesecurity/articles/
 ==Videos==
@@ Line 135: / Line 136: @@
 * Videos by Imperva - http://www.imperva.com/resources/videos.asp
 ==Deliberately Insecure Web Applications==

← Older revision		Revision as of 21:01, 8 November 2013
Line 137:		Line 137:

	==Deliberately Insecure Web Applications==		==Deliberately Insecure Web Applications==
		+
		+	* OWASP Vulnerable Web Applications Directory Project - https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project#tab=Main

	* BadStore - http://www.badstore.net/		* BadStore - http://www.badstore.net/

← Older revision		Revision as of 23:30, 17 February 2013
Line 105:		Line 105:

	* Open Source Software Testing Tools - http://www.opensourcetesting.org/security.php		* Open Source Software Testing Tools - http://www.opensourcetesting.org/security.php
		+	* OWASP Security Blitz - https://www.owasp.org/index.php/OWASP_Security_Blitz

	* OWASP Phoenix/Tool - https://www.owasp.org/index.php/Phoenix/Tools		* OWASP Phoenix/Tool - https://www.owasp.org/index.php/Phoenix/Tools

← Older revision		Revision as of 23:16, 17 February 2013
Line 107:		Line 107:

	* OWASP Phoenix/Tool - https://www.owasp.org/index.php/Phoenix/Tools		* OWASP Phoenix/Tool - https://www.owasp.org/index.php/Phoenix/Tools
		+	* SANS Internet Storm Center (ISC) - https://www.isc.sans.edu

	* The Open Web Application Application Security Project (OWASP) — http://www.owasp.org		* The Open Web Application Application Security Project (OWASP) — http://www.owasp.org

← Older revision		Revision as of 23:13, 17 February 2013
Line 45:		Line 45:

	* Hacking Exposed: Web Applications 3, by Joel Scambray, Vinvent Liu, Caleb Sima, published by McGraw-Hill Osborne Media, ISBN 007222438X (2010) - http://www.webhackingexposed.com/		* Hacking Exposed: Web Applications 3, by Joel Scambray, Vinvent Liu, Caleb Sima, published by McGraw-Hill Osborne Media, ISBN 007222438X (2010) - http://www.webhackingexposed.com/
		+	* The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition - published by Dafydd Stuttard, Marcus Pinto, ISBN 9781118026472 (2011)

	* How to Break Software Security, by James Whittaker, Herbert H. Thompson, published by Addison Wesley, ISBN 0321194330 (2003)		* How to Break Software Security, by James Whittaker, Herbert H. Thompson, published by Addison Wesley, ISBN 0321194330 (2003)

@@ Line 44: / Line 44: @@
 *+ Online version available at: http://books.google.com/books?id=AO2fsAPVC34C&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false
-* Hacking Exposed: Web Applications 3, by Joel Scambray, Vinvent Liu, Caleb Sima, published by McGraw-Hill Osborne Media, ISBN 007222438X(2010) - http://www.webhackingexposed.com/
+* Hacking Exposed: Web Applications 3, by Joel Scambray, Vinvent Liu, Caleb Sima, published by McGraw-Hill Osborne Media, ISBN 007222438X (2010) - http://www.webhackingexposed.com/
 * How to Break Software Security, by James Whittaker, Herbert H. Thompson, published by Addison Wesley, ISBN 0321194330 (2003)
@@ Line 58: / Line 58: @@
 *+ Online version available at: http://books.google.com/books?id=SN4WegDHVCcC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false
-* Secure Coding: Principles and Practices, by Mark Graff and Kenneth R. Van Wyk, published by O’Reilly, ISBN 0596002424(2003) - http://www.securecoding.org
+* Secure Coding: Principles and Practices, by Mark Graff and Kenneth R. Van Wyk, published by O’Reilly, ISBN 0596002424 (2003) - http://www.securecoding.org
 * Secure Programming for Linux and Unix HOWTO, David Wheeler (2004) http://www.dwheeler.com/secure-programs

@@ Line 36: / Line 36: @@
 * The Ethical Hack: A Framework for Business Value Penetration Testing, By James S. Tiller, Auerbach Publications, ISBN 084931609X (2005)
-Online version available at: http://books.google.com/books?id=fwASXKXOolEC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false
+*+ Online version available at: http://books.google.com/books?id=fwASXKXOolEC&printsec=frontcover&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false
 * Exploiting Software: How to Break Code, by Gary McGraw and Greg Hoglund, published by Addison-Wesley Pub Co, ISBN 0201786958 (2004) -http://www.exploitingsoftware.com

@@ Line 61: / Line 61: @@
 * Secure Programming for Linux and Unix HOWTO, David Wheeler (2004) http://www.dwheeler.com/secure-programs
-Online version:
+*+ Online version: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html
 * Securing Java, by Gary McGraw, Edward W. Felten, published by Wiley, ISBN 047131952X (1999) - http://www.securingjava.com