Difference between revisions of "AppSensor DetectionPoints"

Revision as of 22:58, 16 February 2010

1 RequestException
2 AuthenticationException
3 SessionException
4 AccessControlException
5 InputException
- 5.1 IE1: Cross Site Scripting Attempt
- 5.2 IE2: Violations Of Implemented White Lists
6 EncodingException
- 6.1 EE1: Double Encoded Characters
- 6.2 EE2: Unexpected Encoding Used
7 CommandInjectionException
8 FileIOException
- 8.1 FIO1: Detect Large Individual Files
- 8.2 FIO2: Detect Large Number Of File Uploads
9 UserTrendException
10 SystemTrendException

RequestException

RE1: Unexpected HTTP Commands

id	RE1
title	Unexpected HTTP Commands
category	RequestException
description	An HTTP request is received which contains unexpected commands. A list of accepted commands should be generated (i.e. GET and POST) and all other HTTP commands should generate an event.
consideration
examples	Instead of a GET or POST request, the user sends a TRACE request to the application.
code	java .net PHP

RE2: Attempts To Invoke Unsupported HTTP Methods

id	RE2
title	Attempts To Invoke Unsupported HTTP Methods
category	RequestException
description	An http request is received which contains a non-existent HTTP command
consideration
examples	Instead of a GET or POST request, the user sends a TEST request to the application (TEST is not a valid http request)
code	java .net PHP

RE3: GET When Expecting POST

id	RE3
title	GET When Expecting POST
category	RequestException
description	A page which is expecting only GET requests, receives a POST.
consideration
examples	The user sends a GET request to a page which has only been used for POSTs
code	java .net PHP

RE4: POST When Expecting GET

id	RE4
title	POST When Expecting GET
category	RequestException
description	A page which is expecting only POST requests, receives a GET
consideration
examples	The user uses a proxy tool to build a custom POST request and sends it to a page which has been accessed by GET requests.
code	java .net PHP

AuthenticationException

AE1: Use Of Multiple Usernames

id	AE1
title	Use Of Multiple Usernames
category	AuthenticationException
description	Multiple usernames are attempted when logging into the application. The assignment of login attempts to a user can be based off of a sessionID given to the user when they visit the website. Correlating based on IP address is difficult since multiple users could be using the site from the same IP address (e.g. corporate NAT)
consideration
examples	User first tries username bob, then username sue, then steve etc
code	java .net PHP

AE2: Multiple Failed Passwords

id	AE2
title	Multiple Failed Passwords
category	AuthenticationException
description	For a single username, multiple bad passwords are entered
consideration
examples	User tries username:password combination of user:pass1, user:pass2, user:pass3, etc
code	java .net PHP

AE3: High Rate Of Login Attempts

id	AE3
title	High Rate Of Login Attempts
category	AuthenticationException
description	The number of logins sent per minute becomes too high indicating an automated login attack
consideration
examples	User sends the following login attempts within 1 second. user1:pass1, user1:pass2, user2:pass3, user2:pass4
code	java .net PHP

AE4: Unexpected Quantity Of Characters In Username

id	AE4
title	Unexpected Quantity Of Characters In Username
category	AuthenticationException
description	The user provides a username with a large number of characters
consideration
examples	The user sends a username that is 200 characters long
code	java .net PHP

AE5: Unexpected Quantity Of Characters In Password

id	AE5
title	Unexpected Quantity Of Characters In Password
category	AuthenticationException
description	The user provides a password with a large number of characters
consideration
examples	The user sends a password that is 200 characters long
code	java .net PHP

AE6: Unexpected Types Of Characters In Username

id	AE6
title	Unexpected Types Of Characters In Username
category	AuthenticationException
description	The user provides non-printable characters such as the null byte. Any characters below hex value 20 or above 7E are considered illegal (decimal values of below 32 or above 126)
consideration
examples	The user sends a username that contains ascii characters below 20 or above 7E
code	java .net PHP

AE7: Unexpected Types Of Characters In Password

id	AE7
title	Unexpected Types Of Characters In Password
category	AuthenticationException
description	The user provides characters such as the null byte, alt-characters, (WHAT IS THE NAME FOR THOSE)
consideration
examples	The user sends a password that contains ascii characters below 20 or above 7E
code	java .net PHP

AE8: Providing Only The Username

id	AE8
title	Providing Only The Username
category	AuthenticationException
description	The user submits a post request which only contains the username variable. The password variable has been removed. This is different from only providing the username in the login form since in that case the password variable would be present and empty.
consideration
examples	The user uses a proxy tool to remove the password variable from the submitted post request.
code	java .net PHP

AE9: Providing Only The Password

id	AE9
title	Providing Only The Password
category	AuthenticationException
description	The user submits a post request which only contains the password variable. The username variable has been removed. This is different from only providing the password in the login form since in that case the username variable would be present and empty.
consideration
examples	The user uses a proxy tool to remove the username variable from the submitted post request.
code	java .net PHP

AE10: Adding Additional POST Variables

id	AE10
title	Adding Additional POST Variables
category	AuthenticationException
description	Additional, unexpected post variables are received during an authentication request.
consideration
examples	The user uses a proxy tool to add the additional post variable of admin=true to the post request
code	java .net PHP

AE11: Removing POST Variables

id	AE11
title	Removing POST Variables
category	AuthenticationException
description	Expected post variables are not present within the submitted authentication requests
consideration
examples	The user uses a proxy tool to remove an additional post variable, such as guest=true, from the post request
code	java .net PHP

SessionException

SE1: Modifying Existing Cookies

id	SE1
title	Modifying Existing Cookies
category	SessionException
description	A request is received containing a cookie with a modified value. This could be determined if the cookie is modified to an illegal value.
consideration
examples	The user uses a proxy tool to change the encrypted cookie to an alternative value which does not properly decode within the application. Or, the user modifies an unencrypted cookie and sets an illegal value for a particular variable.
code	java .net PHP

SE2: Adding New Cookies

id	SE2
title	Adding New Cookies
category	SessionException
description	A request is received which contains additional cookies that are not expected by the application.
consideration
examples	The user uses a proxy tool to add additional cookies to the request.
code	java .net PHP

SE3: Deleting Existing Cookies

id	SE3
title	Deleting Existing Cookies
category	SessionException
description	A request is received which does not contain the expected cookies.
consideration
examples	The user uses a proxy tool to remove cookies or portions of cookies from a request.
code	java .net PHP

SE4: Substituting Another User's Valid Session ID Or Cookie

id	SE4
title	Substituting Another User's Valid Session ID Or Cookie
category	SessionException
description	A request is received which contains cookie data that is clearly from another user or another session.
consideration
examples	The user uses a proxy tool to substitute valid data from another user or session into the cookie. An example would be changing some sort of identification number within the cookie.
code	java .net PHP

SE5: Source IP Address Changes During Session

id	SE5
title	Source IP Address Changes During Session
category	SessionException
description	Valid requests, containing valid session credentials, are received from multiple source IP addresses.
consideration
examples	User A's session is compromised and User B begins using the account. The requests originating from User B will possibly contain a different source IP address the User A. The source IP addresses could be the same if both users where behind the same NAT.
code	java .net PHP

SE6: Change Of User Agent Mid Session

id	SE6
title	Change Of User Agent Mid Session
category	SessionException
description	The User-Agent value of the header changes during an authenticated session. This indicates a different browser is now being used. Although this value is under the control of the sender, a change in this may indicates that the session has been compromised and is being used another individual. This will likely not be the case that the user has simply copied and pasted the URL from one browser to another on the same system because this action would not copy over the appropriate session identifiers.
consideration
examples	Midsession, the UserAgent changes from Firefox to Internet Explorer
code	java .net PHP

AccessControlException

ACE1: Modifying URL Arguments Within a GET For Direct Object Access Attempts

id	ACE1
title	Modifying URL Arguments Within a GET For Direct Object Access Attempts
category	AccessControlException
description	The application is designed to use an identifier for a particular object, such as using categoryID=4 or user=guest within the URL. A user modifies this value in an attempt to access unauthorized information. This exception should be thrown anytime the identifier received from the user is not authorized due to the identifier being nonexistent or the identifier not authorized for that user.
consideration
examples	The user modifies the following URL from FIX THIS
code	java .net PHP

ACE2: Modifying Parameters Within A POST For Direct Object Access Attempts

id	ACE2
title	Modifying Parameters Within A POST For Direct Object Access Attempts
category	AccessControlException
description	The value of a non-free text html form element (i.e. drop down box, radio button) is modified to an illegal value. The value either does not exist or is not authorized for the user.
consideration
examples	The user uses a proxy tool to intercept a post request and changes the posted value to a value that was not available through the normal display. For example, the user encounters a dropdown box containing the numbers 1 through 10. The user selects 5 and then intercepts the post to change the submitted value to 100.
code	java .net PHP

ACE3: Force Browsing Attempts

id	ACE3
title	Force Browsing Attempts
category	AccessControlException
description	An authenticated user sends a request for a non-existent page or a page that is not authorized for the user.
consideration
examples	The user is authenticated and requests site.com/PageThatDoesNotExist
code	java .net PHP

ACE4: Evading Presentation Access Control Through Custom Posts

id	ACE4
title	Evading Presentation Access Control Through Custom Posts
category	AccessControlException
description	A post request is received which is not authorized for the current user and the user could not have performed this action without crafting a custom POST request. This situation is most likely to occur when presentation layer access controls are in place and have removed the user's ability to initiate the action through the presentation of the application. An attacker may be aware of the functionality and attempt to bypass this presentation layer access control by crafting their own custom message and sending this in an attempt to execute the functionality.
consideration
examples	The application contains the ability for an administrator to delete a user. This method is normally invoked by entering the username and posting to https://oursite/deleteuser Presentation layer access controls ensure the delete user form is not displayed to non-administrator users. A malicious user has access to a non-administrator account and is aware of the delete user functionality. The malicious user sends a custom crafted post message to https://oursite/deleteuser in an attempt to execute the delete user method.
code	java .net PHP

InputException

IE1: Cross Site Scripting Attempt

id	IE1
title	Cross Site Scripting Attempt
category	InputException
description	The HTTP request contains common XSS attacks which are often used by attackers probing for XSS vulnerabilities. Detection should be configured to test all GET and POST values as well as all header names and values for the following values.
consideration
examples	The user uses a proxy tool to add an XSS attack to the header value and the """"displayname"""" post variable. The header value could be displayed to an admin viewing log files and the """"displayname"""" post variable may be stored in the application and displayed to other users. Note, the following xss attacks would be used by an attacker to probe for vulnerability. An actual XSS attack would be customized by the attacker. <script>alert(document.cookie);</script> <script>alert();</script> alert(String.fromCharCode(88,83,83)) <IMG SRC="javascript:alert('XSS');"> <IMG SRC=javascript:alert('XSS')> <IMG SRC=javascript:alert("XSS")> <BODY ONLOAD=alert('XSS')>
code	java .net PHP

IE2: Violations Of Implemented White Lists

id	IE2
title	Violations Of Implemented White Lists
category	InputException
description	The application receives user-supplied data that violates an established white list validation.
consideration
examples	The user submits data that is not correct for the particular field. This may not be attack data necessarily, but repeated violations could be an attempt by the attacker to determine how an application works or to discover a flaw.
code	java .net PHP

EncodingException

EE1: Double Encoded Characters

id	EE1
title	Double Encoded Characters
category	EncodingException
description	An HTTP request is received which contains values that have been double encoded.
consideration
examples	The user sends encodes the % symbol to %25 and appends 3C. The user is sending %253C which may be interpreted by the application as %3C which is actually <.
code	java .net PHP

EE2: Unexpected Encoding Used

id	EE2
title	Unexpected Encoding Used
category	EncodingException
description	An HTTP request is received which contains values that have encoded in an unexpected format.
consideration
examples	The user encodes an attack such as alert(document.cookie) into the UTF-7 format and sends this data the application. This could bypass validation filters and be rendered to a user in certain situations.
code	java .net PHP

CommandInjectionException

CIE1: Blacklist Inspection For Common SQL Injection Values

id	CIE1
title	Blacklist Inspection For Common SQL Injection Values
category	CommandInjectionException
description	A request is received which contains common SQL injection attack attempts. The point of this detection is not to detect all variations of a SQL injection attack, but to detect the common probes which an attacker or tool might use to determine if a SQL injection vulnerability is present. Unless the site contains some sort of message board for discussing SQL injection, there is little reason that the SQL injection examples should ever be received from a user request.
consideration
examples	The user sends a request and modifies a URL parameter from category = 5 to category = 5' OR '1' = '1 in an attempt to perform an SQL injection attack. The user could perform similar attacks by modifying post variables or even the request headers to contain SQL injection attacks. ' OR '1'='1 ' OR 'a'='a ' OR 1=1-- xp_cmdshell UNION JOIN
code	java .net PHP

CIE2: Detect Abnormal Quantity Of Returned Records

id	CIE2
title	Detect Abnormal Quantity Of Returned Records
category	CommandInjectionException
description	A database query is executed which returns more records than expected. For example, if the query should only return 1 record and 100 records are returned, then something has likely gone wrong.
consideration
examples	The application is designed to allow a user to maintain 5 profiles. A user makes a request to view all of their profiles. The database query, which is expected to always return 5 or less results, returns 10,000 records. Something in the application, or user's actions, has caused unauthorized data to be returned.
code	java .net PHP

CIE3: Null Byte Character In File Request

id	CIE3
title	Null Byte Character In File Request
category	CommandInjectionException
description	A request is received to download a file from the server. The filename requested contains the null byte the file name. This is an attempted OS injection attack.
consideration
examples	The user modifies the filename of the requested file to download to contain the null byte. The null byte can be added by inserting the hex value %00.
code	java .net PHP

CIE4: Carriage Return Or Line Feed Character In File Request

id	CIE4
title	Carriage Return Or Line Feed Character In File Request
category	CommandInjectionException
description	A request is received which contains the carriage return or line feed characters within the posted data or the URL parameters. This is an attempted HTTP split response attack.
consideration
examples	The user includes the hex value %0D or %0A in the http request post data or URL parameters.
code	java .net PHP

FileIOException

FIO1: Detect Large Individual Files

id	FIO1
title	Detect Large Individual Files
category	FileIOException
description	A file upload feature detects that a large file has been submitted for upload which exceeds the maximum upload size
consideration
examples	The user attempts to upload a large file to occupy resources or fill up disk space
code	java .net PHP

FIO2: Detect Large Number Of File Uploads

id	FIO2
title	Detect Large Number Of File Uploads
category	FileIOException
description	A user uploads an excessively large number of files.
consideration
examples	A single user attempts to upload multiple small files to occupy resources or fill up disk space
code	java .net PHP

UserTrendException

UT1: Irregular Use Of Application

id	UT1
title	Irregular Use Of Application
category	UserTrendException
description	The application receives numerous requests for the same page or feature from a user. The user may be sending different data combinations or trying to detect errors in the page.
consideration
examples	The user requests a particular page, such as the address update page, numerous times.
code	java .net PHP

UT2: Speed Of Application Use

id	UT2
title	Speed Of Application Use
category	UserTrendException
description	The speed of requests from a user indicates that an automated tool is being used to access the site. The use of a tool may indicate reconnaissance for an attack or attempts to identify vulnerabilities in the site.
consideration
examples	The user utilizes an automated tool to request hundreds of pages per minute.
code	java .net PHP

UT3: Frequency Of Site Use

id	UT3
title	Frequency Of Site Use
category	UserTrendException
description	Does the user normally access the site 1 per week, and this is now many times per day
consideration
examples
code	java .net PHP

UT4: Frequency Of Feature Use

id	UT4
title	Frequency Of Feature Use
category	UserTrendException
description	The rate of a user utilizing a particular application feature changes dramatically.
consideration
examples
code	java .net PHP

SystemTrendException

STE1: High Number Of Logouts Across The Site

id	STE1
title	High Number Of Logouts Across The Site
category	SystemTrendException
description	A sudden spike in logouts across the application could indicate a XSS and CSRF attack placed within the application which is automatically logging off users.
consideration
examples	The hourly usage of the logoff feature of the application suddenly spikes by 500%.
code	java .net PHP

STE2: High Number Of Logins Across The Site

id	STE2
title	High Number Of Logins Across The Site
category	SystemTrendException
description	A sudden spike in logins across the application could indicate users being redirected to the site from a phishing email looking to exploit a XSS vulnerability in the site.
consideration
examples	The hourly usage of the logon feature of the application suddenly spikes by 500%.
code	java .net PHP

STE3: High Number Of Same Transaction Across The Site

id	STE3
title	High Number Of Same Transaction Across The Site
category	SystemTrendException
description	A sudden spike in similar activity across numerous users of the application may indicate a phishing attack or CSRF attack against the users.
consideration
examples	The hourly usage of the update email address feature of the application suddenly spikes by 500%.
code	java .net PHP

@@ Line 1: / Line 1: @@
 ==RequestException==
 ===RE1: Unexpected HTTP Commands===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected HTTP Commands
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RequestException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 An HTTP request is received which contains unexpected commands. A list of accepted commands should be generated (i.e. GET and POST) and all other HTTP commands should generate an event.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Instead of a GET or POST request, the user sends a TRACE request to the application.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
-  test code would go here.
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE1#java java]
-  no encoding is needed. wiki handles it automatically
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE1#php PHP]
 </td></tr>
 </table>
 ===RE2: Attempts To Invoke Unsupported HTTP Methods===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Attempts To Invoke Unsupported HTTP Methods
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RequestException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 An http request is received which contains a non-existent HTTP command
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Instead of a GET or POST request, the user sends a TEST request to the application (TEST is not a valid http request)
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE2#php PHP]
 </td></tr>
 </table>
 ===RE3: GET When Expecting POST===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 GET When Expecting POST
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RequestException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A page which is expecting only GET requests, receives a POST.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a GET request to a page which has only been used for POSTs
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE3#php PHP]
 </td></tr>
 </table>
 ===RE4: POST When Expecting GET===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RE4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 POST When Expecting GET
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 RequestException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A page which is expecting only POST requests, receives a GET
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to build a custom POST request and sends it to a page which has been accessed by GET requests.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_RE4#php PHP]
 </td></tr>
 </table>
 ==AuthenticationException==
 ===AE1: Use Of Multiple Usernames===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Use Of Multiple Usernames
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Multiple usernames are attempted when logging into the application. The assignment of login attempts to a user can be based off of a sessionID given to the user when they visit the website. Correlating based on IP address is difficult since multiple users could be using the site from the same IP address (e.g. corporate NAT)
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 User first tries username bob, then username sue, then steve etc
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE1#php PHP]
 </td></tr>
 </table>
 ===AE2: Multiple Failed Passwords===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Multiple Failed Passwords
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 For a single username, multiple bad passwords are entered
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 User tries username:password combination of user:pass1, user:pass2, user:pass3, etc
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE2#php PHP]
 </td></tr>
 </table>
 ===AE3: High Rate Of Login Attempts===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 High Rate Of Login Attempts
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The number of logins sent per minute becomes too high indicating an automated login attack
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 User sends the following login attempts within 1 second. user1:pass1, user1:pass2, user2:pass3, user2:pass4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE3#php PHP]
 </td></tr>
 </table>
 ===AE4: Unexpected Quantity Of Characters In Username===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected Quantity Of Characters In Username
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user provides a username with a large number of characters
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a username that is 200 characters long
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE4#php PHP]
 </td></tr>
 </table>
 ===AE5: Unexpected Quantity Of Characters In Password===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE5
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected Quantity Of Characters In Password
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user provides a password with a large number of characters
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a password that is 200 characters long
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE5#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE5#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE5#php PHP]
 </td></tr>
 </table>
 ===AE6: Unexpected Types Of Characters In Username===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE6
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected Types Of Characters In Username
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user provides non-printable characters such as the null byte. Any characters below hex value 20 or above 7E are considered illegal (decimal values of below 32 or above 126)
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a username that contains ascii characters below 20 or above 7E
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE6#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE6#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE6#php PHP]
 </td></tr>
 </table>
 ===AE7: Unexpected Types Of Characters In Password===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE7
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected Types Of Characters In Password
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user provides characters such as the null byte, alt-characters, (WHAT IS THE NAME FOR THOSE)
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a password that contains ascii characters below 20 or above 7E
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE7#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE7#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE7#php PHP]
 </td></tr>
 </table>
 ===AE8: Providing Only The Username===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE8
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Providing Only The Username
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user submits a post request which only contains the username variable. The password variable has been removed. This is different from only providing the username in the login form since in that case the password variable would be present and empty.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to remove the password variable from the submitted post request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE8#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE8#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE8#php PHP]
 </td></tr>
 </table>
 ===AE9: Providing Only The Password===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE9
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Providing Only The Password
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user submits a post request which only contains the password variable. The username variable has been removed. This is different from only providing the password in the login form since in that case the username variable would be present and empty.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to remove the username variable from the submitted post request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE9#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE9#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE9#php PHP]
 </td></tr>
 </table>
 ===AE10: Adding Additional POST Variables===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE10
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Adding Additional POST Variables
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Additional, unexpected post variables are received during an authentication request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to add the additional post variable of admin=true to the post request
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE10#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE10#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE10#php PHP]
 </td></tr>
 </table>
 ===AE11: Removing POST Variables===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AE11
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Removing POST Variables
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AuthenticationException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Expected post variables are not present within the submitted authentication requests
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to remove an additional post variable, such as guest=true, from the post request
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE11#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE11#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_AE11#php PHP]
 </td></tr>
 </table>
 ==SessionException==
 ===SE1: Modifying Existing Cookies===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Modifying Existing Cookies
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received containing a cookie with a modified value. This could be determined if the cookie is modified to an illegal value.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to change the encrypted cookie to an alternative value which does not properly decode within the application. Or, the user modifies an unencrypted cookie and sets an illegal value for a particular variable.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE1#php PHP]
 </td></tr>
 </table>
 ===SE2: Adding New Cookies===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Adding New Cookies
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received which contains additional cookies that are not expected by the application.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to add additional cookies to the request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE2#php PHP]
 </td></tr>
 </table>
 ===SE3: Deleting Existing Cookies===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Deleting Existing Cookies
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received which does not contain the expected cookies.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to remove cookies or portions of cookies from a request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE3#php PHP]
 </td></tr>
 </table>
 ===SE4: Substituting Another User's Valid Session ID Or Cookie===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Substituting Another User's Valid Session ID Or Cookie
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received which contains cookie data that is clearly from another user or another session.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to substitute valid data from another user or session into the cookie. An example would be changing some sort of identification number within the cookie.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE4#php PHP]
 </td></tr>
 </table>
 ===SE5: Source IP Address Changes During Session===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE5
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Source IP Address Changes During Session
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Valid requests, containing valid session credentials, are received from multiple source IP addresses.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 User A's session is compromised and User B begins using the account. The requests originating from User B will possibly contain a different source IP address the User A. The source IP addresses could be the same if both users where behind the same NAT.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE5#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE5#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE5#php PHP]
 </td></tr>
 </table>
 ===SE6: Change Of User Agent Mid Session===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SE6
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Change Of User Agent Mid Session
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SessionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The User-Agent value of the header changes during an authenticated session. This indicates a different browser is now being used. Although this value is under the control of the sender, a change in this may indicates that the session has been compromised and is being used another individual. This will likely not be the case that the user has simply copied and pasted the URL from one browser to another on the same system because this action would not copy over the appropriate session identifiers.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Midsession, the UserAgent changes from Firefox to Internet Explorer
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE6#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE6#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_SE6#php PHP]
 </td></tr>
 </table>
 ==AccessControlException==
 ===ACE1: Modifying URL Arguments Within a GET For Direct Object Access Attempts===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 ACE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Modifying URL Arguments Within a GET For Direct Object Access Attempts
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AccessControlException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The application is designed to use an identifier for a particular object, such as using categoryID=4 or user=guest within the URL. A user modifies this value in an attempt to access unauthorized information. This exception should be thrown anytime the identifier received from the user is not authorized due to the identifier being nonexistent or the identifier not authorized for that user.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user modifies the following URL from FIX THIS
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE1#php PHP]
 </td></tr>
 </table>
 ===ACE2: Modifying Parameters Within A POST For Direct Object Access Attempts===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 ACE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Modifying Parameters Within A POST For Direct Object Access Attempts
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AccessControlException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The value of a non-free text html form element (i.e. drop down box, radio button) is modified to an illegal value. The value either does not exist or is not authorized for the user.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to intercept a post request and changes the posted value to a value that was not available through the normal display. For example, the user encounters a dropdown box containing the numbers 1 through 10. The user selects 5 and then intercepts the post to change the submitted value to 100.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE2#php PHP]
 </td></tr>
 </table>
 ===ACE3: Force Browsing Attempts===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 ACE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Force Browsing Attempts
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AccessControlException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 An authenticated user sends a request for a non-existent page or a page that is not authorized for the user.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user is authenticated and requests site.com/PageThatDoesNotExist
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE3#php PHP]
 </td></tr>
 </table>
 ===ACE4: Evading Presentation Access Control Through Custom Posts===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 ACE4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Evading Presentation Access Control Through Custom Posts
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 AccessControlException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A post request is received which is not authorized for the current user and the user could not have performed this action without crafting a custom POST request. This situation is most likely to occur when presentation layer access controls are in place and have removed the user's ability to initiate the action through the presentation of the application. An attacker may be aware of the functionality and attempt to bypass this presentation layer access control by crafting their own custom message and sending this in an attempt to execute the functionality.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The application contains the ability for an administrator to delete a user. This method is normally invoked by entering the username and posting to https://oursite/deleteuser
 Presentation layer access controls ensure the delete user form is not displayed to non-administrator users. A malicious user has access to a non-administrator account and is aware of the delete user functionality. The malicious user sends a custom crafted post message to https://oursite/deleteuser in an attempt to execute the delete user method.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_ACE4#php PHP]
 </td></tr>
 </table>
 ==InputException==
 ===IE1: Cross Site Scripting Attempt===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 IE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Cross Site Scripting Attempt
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 InputException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The HTTP request contains common XSS attacks which are often used by attackers probing for XSS vulnerabilities. Detection should be configured to test all GET and POST values as well as all header names and values for the following values.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user uses a proxy tool to add an XSS attack to the header value and the """"displayname"""" post variable. The header value could be displayed to an admin viewing log files and the """"displayname"""" post variable may be stored in the application and displayed to other users. Note, the following xss attacks would be used by an attacker to probe for vulnerability. An actual XSS attack would be customized by the attacker.
 &#60;script>alert(document.cookie);&#60;/script>
 &#60;script>alert();&#60;/script>
@@ Line 870: / Line 919: @@
 &#60;IMG SRC=javascript:alert(&#38;quot;XSS&#38;quot;)>
 &#60;BODY ONLOAD=alert('XSS')>
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE1#php PHP]
 </td></tr>
 </table>
 ===IE2: Violations Of Implemented White Lists===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 IE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Violations Of Implemented White Lists
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 InputException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The application receives user-supplied data that violates an established white list validation.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user submits data that is not correct for the particular field. This may not be attack data necessarily, but repeated violations could be an attempt by the attacker to determine how an application works or to discover a flaw.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_IE2#php PHP]
 </td></tr>
 </table>
 ==EncodingException==
 ===EE1: Double Encoded Characters===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 EE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Double Encoded Characters
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 EncodingException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 An HTTP request is received which contains values that have been double encoded.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends encodes the % symbol to %25 and appends 3C. The user is sending %253C which may be interpreted by the application as %3C which is actually &#60;.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE1#php PHP]
 </td></tr>
 </table>
 ===EE2: Unexpected Encoding Used===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 EE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Unexpected Encoding Used
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 EncodingException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 An HTTP request is received which contains values that have encoded in an unexpected format.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user encodes an attack such as alert(document.cookie) into the UTF-7 format and sends this data the application. This could bypass validation filters and be rendered to a user in certain situations.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_EE2#php PHP]
 </td></tr>
 </table>
 ==CommandInjectionException==
 ===CIE1: Blacklist Inspection For Common SQL Injection Values===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CIE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Blacklist Inspection For Common SQL Injection Values
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CommandInjectionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received which contains common SQL injection attack attempts. The point of this detection is not to detect all variations of a SQL injection attack, but to detect the common probes which an attacker or tool might use to determine if a SQL injection vulnerability is present. Unless the site contains some sort of message board for discussing SQL injection, there is little reason that the SQL injection examples should ever be received from a user request.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user sends a request and modifies a URL parameter from category = 5 to category = 5' OR '1' = '1 in an attempt to perform an SQL injection attack. The user could perform similar attacks by modifying post variables or even the request headers to contain SQL injection attacks.
@@ Line 1,013: / Line 1,070: @@
 UNION
 JOIN
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE1#php PHP]
 </td></tr>
 </table>
 ===CIE2: Detect Abnormal Quantity Of Returned Records===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CIE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Detect Abnormal Quantity Of Returned Records
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CommandInjectionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A database query is executed which returns more records than expected. For example, if the query should only return 1 record and 100 records are returned, then something has likely gone wrong.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The application is designed to allow a user to maintain 5 profiles. A user makes a request to view all of their profiles. The database query, which is expected to always return 5 or less results, returns 10,000 records. Something in the application, or user's actions, has caused unauthorized data to be returned.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE2#php PHP]
 </td></tr>
 </table>
 ===CIE3: Null Byte Character In File Request===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CIE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Null Byte Character In File Request
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CommandInjectionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received to download a file from the server. The filename requested contains the null byte the file name. This is an attempted OS injection attack.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user modifies the filename of the requested file to download to contain the null byte. The null byte can be added by inserting the hex value %00.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE3#php PHP]
 </td></tr>
 </table>
 ===CIE4: Carriage Return Or Line Feed Character In File Request===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CIE4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Carriage Return Or Line Feed Character In File Request
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 CommandInjectionException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A request is received which contains the carriage return or line feed characters within the posted data or the URL parameters. This is an attempted HTTP split response attack.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user includes the hex value %0D or %0A in the http request post data or URL parameters.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_CIE4#php PHP]
 </td></tr>
 </table>
 ==FileIOException==
 ===FIO1: Detect Large Individual Files===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 FIO1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Detect Large Individual Files
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 FileIOException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A file upload feature detects that a large file has been submitted for upload which exceeds the maximum upload size
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user attempts to upload a large file to occupy resources or fill up disk space
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO1#php PHP]
 </td></tr>
 </table>
 ===FIO2: Detect Large Number Of File Uploads===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 FIO2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Detect Large Number Of File Uploads
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 FileIOException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A user uploads an excessively large number of files.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A single user attempts to upload multiple small files to occupy resources or fill up disk space
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_FIO2#php PHP]
 </td></tr>
 </table>
 ==UserTrendException==
 ===UT1: Irregular Use Of Application===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UT1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Irregular Use Of Application
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UserTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The application receives numerous requests for the same page or feature from a user. The user may be sending different data combinations or trying to detect errors in the page.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user requests a particular page, such as the address update page, numerous times.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT1#php PHP]
 </td></tr>
 </table>
 ===UT2: Speed Of Application Use===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UT2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Speed Of Application Use
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UserTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The speed of requests from a user indicates that an automated tool is being used to access the site. The use of a tool may indicate reconnaissance for an attack or attempts to identify vulnerabilities in the site.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The user utilizes an automated tool to request hundreds of pages per minute.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT2#php PHP]
 </td></tr>
 </table>
 ===UT3: Frequency Of Site Use===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UT3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Frequency Of Site Use
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UserTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Does the user normally access the site 1 per week, and this is now many times per day
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT3#php PHP]
 </td></tr>
 </table>
 ===UT4: Frequency Of Feature Use===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UT4
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 Frequency Of Feature Use
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 UserTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The rate of a user utilizing a particular application feature changes dramatically.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT4#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT4#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_UT4#php PHP]
 </td></tr>
 </table>
 ==SystemTrendException==
 ===STE1: High Number Of Logouts Across The Site===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 STE1
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 High Number Of Logouts Across The Site
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SystemTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A sudden spike in logouts across the application could indicate a XSS and CSRF attack placed within the application which is automatically logging off users.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The hourly usage of the logoff feature of the application suddenly spikes by 500%.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE1#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE1#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE1#php PHP]
 </td></tr>
 </table>
 ===STE2: High Number Of Logins Across The Site===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 STE2
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 High Number Of Logins Across The Site
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SystemTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A sudden spike in logins across the application could indicate users being redirected to the site from a phishing email looking to exploit a XSS vulnerability in the site.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The hourly usage of the logon feature of the application suddenly spikes by 500%.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE2#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE2#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE2#php PHP]
 </td></tr>
 </table>
 ===STE3: High Number Of Same Transaction Across The Site===
 <table style="border-style:double;border-width:3px;" >
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >ID</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >id</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 STE3
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >TITLE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >title</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 High Number Of Same Transaction Across The Site
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CATEGORY</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >category</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 SystemTrendException
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >DESCRIPTION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >description</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 A sudden spike in similar activity across numerous users of the application may indicate a phishing attack or CSRF attack against the users.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CONSIDERATION</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >consideration</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >EXAMPLES</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >examples</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
 The hourly usage of the update email address feature of the application suddenly spikes by 500%.
 </td></tr>
-<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;" >CODE</td>
+<tr><td style="border-style:solid;border-width:1px;background-color:#CCCCCC;text-transform:uppercase " >code</td>
 <td style="background-color:#F2F2F2;table-layout:fixed;width:700px;" >
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE3#java java]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE3#net .net]
+[http://www.owasp.org/index.php/AppSensor_DetectionPoint_STE3#php PHP]
 </td></tr>
 </table>

Difference between revisions of "AppSensor DetectionPoints"

Revision as of 22:58, 16 February 2010

RequestException

RE1: Unexpected HTTP Commands

RE2: Attempts To Invoke Unsupported HTTP Methods

RE3: GET When Expecting POST

RE4: POST When Expecting GET

AuthenticationException

AE1: Use Of Multiple Usernames

AE2: Multiple Failed Passwords

AE3: High Rate Of Login Attempts

AE4: Unexpected Quantity Of Characters In Username

AE5: Unexpected Quantity Of Characters In Password

AE6: Unexpected Types Of Characters In Username

AE7: Unexpected Types Of Characters In Password

AE8: Providing Only The Username

AE9: Providing Only The Password

AE10: Adding Additional POST Variables

AE11: Removing POST Variables

SessionException

SE1: Modifying Existing Cookies

SE2: Adding New Cookies

SE3: Deleting Existing Cookies

SE4: Substituting Another User's Valid Session ID Or Cookie

SE5: Source IP Address Changes During Session

SE6: Change Of User Agent Mid Session

AccessControlException

ACE1: Modifying URL Arguments Within a GET For Direct Object Access Attempts

ACE2: Modifying Parameters Within A POST For Direct Object Access Attempts

ACE3: Force Browsing Attempts

ACE4: Evading Presentation Access Control Through Custom Posts

InputException

IE1: Cross Site Scripting Attempt

IE2: Violations Of Implemented White Lists

EncodingException

EE1: Double Encoded Characters

EE2: Unexpected Encoding Used

CommandInjectionException

CIE1: Blacklist Inspection For Common SQL Injection Values

CIE2: Detect Abnormal Quantity Of Returned Records

CIE3: Null Byte Character In File Request

CIE4: Carriage Return Or Line Feed Character In File Request

FileIOException

FIO1: Detect Large Individual Files

FIO2: Detect Large Number Of File Uploads

UserTrendException

UT1: Irregular Use Of Application

UT2: Speed Of Application Use

UT3: Frequency Of Site Use

UT4: Frequency Of Feature Use

SystemTrendException

STE1: High Number Of Logouts Across The Site

STE2: High Number Of Logins Across The Site

STE3: High Number Of Same Transaction Across The Site

Navigation menu

Search