User contributions

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)

• 22:29, 12 November 2018 (diff | hist) . . (+80)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎The link-presenter host with regard to the Referer/Origin check)
• 22:28, 12 November 2018 (diff | hist) . . (+8)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎The link host argument against the Referer/Origin check)
• 22:27, 12 November 2018 (diff | hist) . . (+1,462)‎ . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎The link host argument against the Referer/Origin check: new section)
• 00:42, 27 May 2018 (diff | hist) . . (+159)‎ . . m Testing for HTTP Verb Tampering (OTG-INPVAL-003) ‎ (recover the link's PDF sub-link) (current)
• 04:06, 7 February 2018 (diff | hist) . . (+2)‎ . . m SQL Injection Prevention Cheat Sheet ‎ (→‎Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
• 04:04, 7 February 2018 (diff | hist) . . (+25)‎ . . m SQL Injection Prevention Cheat Sheet ‎ (→‎Defense Option 4: Escaping All User-Supplied Input: reflect absence of concrete codecs in the "active" ESAPI)
• 03:51, 7 February 2018 (diff | hist) . . (-94)‎ . . m SQL Injection Prevention Cheat Sheet ‎ (→‎Defense Option 4: Escaping All User-Supplied Input: sync with project moves, use a descriptive style)
• 03:43, 7 February 2018 (diff | hist) . . (-22)‎ . . m SQL Injection Prevention Cheat Sheet ‎ (Avoid cross-border injection)
• 12:37, 17 July 2017 (diff | hist) . . (-1,084)‎ . . Talk:Benchmark ‎ (Clean up and agree)
• 16:49, 2 June 2017 (diff | hist) . . (+42)‎ . . m Clickjacking Defense Cheat Sheet ‎ (→‎Best-for-now Legacy Browser Frame Breaking Script: bring a backup copy instead of the site failure)
• 13:53, 1 June 2017 (diff | hist) . . (-6)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:54, 31 May 2017 (diff | hist) . . (-35)‎ . . Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Clarify introduction.)
• 19:31, 31 May 2017 (diff | hist) . . (+287)‎ . . Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Clarify automation challenges.)
• 19:18, 31 May 2017 (diff | hist) . . (+40)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:13, 31 May 2017 (diff | hist) . . (-26)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:09, 31 May 2017 (diff | hist) . . (-22)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:06, 31 May 2017 (diff | hist) . . (+26)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:02, 31 May 2017 (diff | hist) . . (+6)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:00, 31 May 2017 (diff | hist) . . (0)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 19:00, 31 May 2017 (diff | hist) . . (+231)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 18:54, 31 May 2017 (diff | hist) . . (+505)‎ . . m Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.)
• 18:40, 31 May 2017 (diff | hist) . . (+72)‎ . . Top 10-2017 A7-Cross-Site Scripting (XSS) ‎ (Correct the abuse scenario. Change the style from prescriptive to descriptive to sustain the Burden of Proof.) (Tag: Visual edit: Switched)
• 16:57, 30 May 2017 (diff | hist) . . (+1)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
• 14:13, 30 May 2017 (diff | hist) . . (+8)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
• 14:11, 30 May 2017 (diff | hist) . . (+25)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
• 14:11, 30 May 2017 (diff | hist) . . (+993)‎ . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Origin/Referrer Check doesn't Work When the URL is Entered into the Browser)
• 20:50, 29 March 2017 (diff | hist) . . (+790)‎ . . N Talk:Mobile Top 10 2016-Top 10 ‎ (+screen capture attack) (current)
• 14:34, 28 March 2017 (diff | hist) . . (-15)‎ . . m Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Identifying cross-origin requests)
• 15:02, 27 March 2017 (diff | hist) . . (+445)‎ . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Identifying cross-origin requests: Clarified)
• 14:53, 20 March 2017 (diff | hist) . . (+259)‎ . . m Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Double Submit Cookie: +a limitation in the Double Submit Cookie guard)
• 14:49, 20 March 2017 (diff | hist) . . (+253)‎ . . Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Double Submit Cookie: +a limitation in the Double Submit Cookie guard)
• 18:44, 10 March 2017 (diff | hist) . . (+578)‎ . . Talk:Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (+ Identifying cross-origin requests)
• 17:57, 10 March 2017 (diff | hist) . . (+271)‎ . . m Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet ‎ (→‎Checking the Origin Header: +no Origin header sent by IE within a trusted zone)
• 17:51, 20 October 2016 (diff | hist) . . (+123)‎ . . m Talk:Benchmark ‎
• 17:49, 20 October 2016 (diff | hist) . . (+1)‎ . . m Talk:Benchmark ‎
• 17:49, 20 October 2016 (diff | hist) . . (+924)‎ . . Talk:Benchmark ‎ (→‎Request headers in XSS attacks: emphasize my doubt in Referer attacks)
• 20:00, 5 August 2016 (diff | hist) . . (-3)‎ . . m Talk:Benchmark ‎ (→‎The meaning of the diagonal: follow the meaning of FPR and TPR instead of attributing misunderstood meanings)
• 01:34, 26 July 2016 (diff | hist) . . (+585)‎ . . Talk:Benchmark ‎ (→‎Request headers in XSS attacks: new section)
• 01:34, 14 July 2016 (diff | hist) . . (-7)‎ . . m Talk:Benchmark ‎
• 01:31, 14 July 2016 (diff | hist) . . (+7)‎ . . m Talk:Benchmark ‎
• 01:28, 14 July 2016 (diff | hist) . . (+28)‎ . . m Talk:Benchmark ‎
• 01:24, 14 July 2016 (diff | hist) . . (0)‎ . . m Talk:Benchmark ‎
• 01:22, 14 July 2016 (diff | hist) . . (+309)‎ . . Talk:Benchmark ‎
• 01:01, 14 July 2016 (diff | hist) . . (+562)‎ . . N Talk:Benchmark ‎ (→‎The diagonal's meaning: new section)
• 22:14, 7 July 2016 (diff | hist) . . (+163)‎ . . Talk:XSS Filter Evasion Cheat Sheet ‎
• 20:49, 7 July 2016 (diff | hist) . . (+17)‎ . . m Talk:XSS Filter Evasion Cheat Sheet ‎
• 20:48, 7 July 2016 (diff | hist) . . (+594)‎ . . Talk:XSS Filter Evasion Cheat Sheet ‎ (→‎%tag: new section)
• 01:23, 1 July 2016 (diff | hist) . . (+81)‎ . . OWASP Application Security FAQ ‎ (→‎My site will be used from publicly shared computers. What precautions must I take?: direct to up-to-date one-way encryption procedures; formalize the style)
• 21:08, 27 June 2016 (diff | hist) . . (+38)‎ . . m CSRFGuard 3 Token Injection ‎ (→‎Generate Link with Prevention Token: +category) (current)
• 18:50, 28 April 2016 (diff | hist) . . (+103)‎ . . User talk:Eelgheez ‎ (thanks)

(newest | oldest) View (newer 50 | older 50) (20 | 50 | 100 | 250 | 500)