
OWASP/Training/LAPSE+

Revision as of 02:36, 4 August 2011 by Bruno Motta Rego (talk | contribs)

MODULE
OWASP LAPSE Project
Overview & Goal
 

To be filled in

Contents Materials
LAPSE+ is a security scanner, based on static analysis of code, for detecting vulnerabilities of untrusted data injection in Java EE applications. It has been developed as a plugin for the Eclipse Java Development Environment, working specifically with Eclipse Helios and Java 1.6 or higher. The vulnerability categories detected by LAPSE+ are enumerated below:
  • URL Tampering
  • Cookie Poisoning
  • Parameter Tampering
  • Header Manipulation
  • Cross-site Scripting (XSS)
  • HTTP Response Splitting
  • Injections (SQL, Command, XPath, XML, LDAP)
  • Path Traversal
 
  • To be filled in