This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Newsletter 3
From OWASP
Using the same format as used in OWASP Newsletter 1 and OWASP Newsletter 2 this is the page that will be used for the next Newsletter
OWASP News
{....}
OWASP Projects that need your help
- [Java Project]: Convert Mark Petrovic's article Discovering a Java Application's Security Requirements into the WIKI (contact Stephen de Vries if you are interrested)
- [.Net Project]: Add PDP GnuCitizen AttackAPI to OWASP Site Generator and convert the php files into ASP.NET
Featured Projects:
OWASP Java Project
- How to perform HTML entity encoding in Java to prevent Cross Site Scripting attacks
- JAAS Tomcat Login Module - an example of how to implement a time delayed JAAS login module in Tomcat
- Securing Apache Tomcat - a guide for deployers on how to secure Apache Tomcat
- Hashing in Java - how to securely implement cryptographic hashing in Java
Latest additions to the WIKI
Updated pages
- OWASP student projects - Updated with new ideas for projects
- How OWASP Works - Updated information on OWASP's board current structure and future plans
- OWASP WebScarab NG Project Technical Info - Technical info about the OWASP WebScarab NG Project
OWASP Community
{....}
OWASP News Headlines
{....}
Application Security News
- Web Application Security Professionals Survey (Jan. 2007) - Jeremiah Grossman just released his survey with lots of very interresting data. Make sure you check out section '11) Top 3 web application security resources' which is a nice database of the most popular vulnerability assessment tools and knowledge resources (#1 was RSnake's Blog, and #2 was OWASP :) )
{....}
OWASP references in the Media
{....}