
Guide Frontispiece

Revision as of 15:20, 25 July 2006 by Scovetta (talk | contribs) (Sorted by last name)


A Guide to Building Secure Web Applications and Web Services

2.1 (DRAFT 3) February 2006 OWASP Foundation

Guide Table of Contents


To my fellow procrastinators and TiVo addicts, this book proves that given enough “tomorrows,” anything is possible. --Andrew van der Stock

Copyright and license

© 2001 – 2006 OWASP Foundation. The Guide is licensed under the Free Documentation License, a copy of which is found in the Appendix. PERMISSION IS GRANTED TO COPY, DISTRIBUTE, AND/OR MODIFY THIS DOCUMENT PROVIDED THIS COPYRIGHT NOTICE AND ATTRIBUTION TO OWASP IS RETAINED.


The Guide has had several editors over various editions, all of whom have contributed immensely as authors, project managers, and editors over the lengthy period of the Guide’s gestation. Guide 2.x series editors:

  • Andrew van der Stock
  • Adrian Wiesmann

Authors and Reviewers

The Guide would not be where it is today without the generous gift of volunteer time and effort from many individuals. The following people helped develop Guide 2.x:

  • Ernesto Arroyo
  • José Pedro Arroyo
  • Derek Browne
  • Izhar By-Gad
  • Daniel Cornell
  • Martin Eizner
  • David Endler
  • Raoul Endres
  • Brian Greidanus
  • Dennis Groves
  • Darrel Grundy
  • Robert Hansen
  • William Hau
  • Michael Howard
  • Sverre Huseby
  • Abraham Kang
  • Eoin Keary
  • Amit Klein
  • Neal Krawetz
  • Erik Lee
  • Frank Lemmon
  • Hal Lockhart
  • Gene McKenna
  • Kevin McLaughlin
  • Roy McNamara
  • K.K. Mookhey
  • Richard Parke
  • Denis Pilipchuk
  • Jeremy Poteet
  • Michael Scovetta
  • Mikael Simonsson
  • Tim Smith
  • Ray Stirbei
  • Steve Taylor
  • Christopher Todd
  • Nigel Tranter
  • Andrew van der Stock
  • Adrian Wiesmann

Revision History

Date | Version | Pages | Notes
July 26, 2005 | 2.0 Blackhat Edition | 280 pages | Andrew van der Stock, Guide Lead
July 27, 2005 | 2.0.1 Blackhat Edition++ | 293 pages | Cryptography chapter review from Michael Howard incorporated
September 12, 2005 | 2.1 DRAFT 1 | X pages | Changes from many sources; New SQA chapter from Frank Lemmon
January 2006 | 2.1 DRAFT 2 | X pages | Changes from Bill Pollock; New chapters from Erick Lee; New revisions from Dan Cornell
February 2006 | 2.1 DRAFT 3 | X pages | Ajax chapter; Many chapters back from reviewers
