This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User contributions
- 15:42, 5 May 2018 (diff | hist) . . (+325) . . Talk:SameSite (re)
- 11:24, 15 June 2017 (diff | hist) . . (+1,113) . . Input Validation Cheat Sheet (→Whitelisting vs blacklisting: Validating free-form Unicode text=)
- 12:25, 17 May 2017 (diff | hist) . . (+146) . . Talk:Cryptographic Storage Cheat Sheet (3DES) (current)
- 10:44, 17 May 2017 (diff | hist) . . (+185) . . Cryptographic Storage Cheat Sheet (→Rule - Use strong random numbers: what to use instead for C and Java)
- 09:51, 17 May 2017 (diff | hist) . . (+271) . . SAML Security Cheat Sheet (→Input Validation: strong encryption)
- 12:35, 16 May 2017 (diff | hist) . . (+633) . . Input Validation Cheat Sheet (restructure a bit)
- 10:19, 16 May 2017 (diff | hist) . . (+1,565) . . Input Validation Cheat Sheet (Implementing input validation)
- 13:17, 15 May 2017 (diff | hist) . . (+2) . . m Input Validation Cheat Sheet (→Goal of Input Validation)
- 13:13, 15 May 2017 (diff | hist) . . (+362) . . Input Validation Cheat Sheet (→Goal of Input Validation: update, internal links)
- 12:54, 15 May 2017 (diff | hist) . . (+6) . . m Input Validation Cheat Sheet (→White List Regular Expression Examples: US zip code)
- 16:33, 3 May 2017 (diff | hist) . . (+136) . . Source Code Analysis Tools (→Open Source or Free Tools Of This Type: Bandit)
- 16:14, 3 May 2017 (diff | hist) . . (-4) . . Category:Vulnerability Scanning Tools (update the Beyond Security URL)
- 16:08, 3 May 2017 (diff | hist) . . (+151) . . Category:Vulnerability Scanning Tools (+Detectify)
- 16:06, 3 May 2017 (diff | hist) . . (+145) . . Category:Vulnerability Scanning Tools (+WebCookies)
- 10:43, 2 May 2017 (diff | hist) . . (-162) . . Content Security Policy (→Tools: no longer active)
- 13:45, 27 April 2017 (diff | hist) . . (+1,346) . . PL/SQL Security Cheat Sheet (REGEXP_LIKE + DBMS_ASSERT)
- 13:03, 27 April 2017 (diff | hist) . . (+44) . . m PL/SQL Security Cheat Sheet
- 10:48, 27 April 2017 (diff | hist) . . (-1) . . m PL/SQL Security Cheat Sheet
- 10:48, 27 April 2017 (diff | hist) . . (+12) . . m PL/SQL Security Cheat Sheet
- 10:46, 27 April 2017 (diff | hist) . . (+126) . . m PL/SQL Security Cheat Sheet
- 10:43, 27 April 2017 (diff | hist) . . (+139) . . PL/SQL Security Cheat Sheet (more samples)
- 10:38, 27 April 2017 (diff | hist) . . (-7) . . m PL/SQL Security Cheat Sheet
- 10:37, 27 April 2017 (diff | hist) . . (+761) . . PL/SQL Security Cheat Sheet (code sample)
- 09:53, 27 April 2017 (diff | hist) . . (+2,000) . . N PL/SQL Security Cheat Sheet (initial version)
- 08:45, 27 April 2017 (diff | hist) . . (0) . . m SQL Injection Prevention Cheat Sheet (→Escaping SQLi in PhP: typo)
- 09:38, 26 April 2017 (diff | hist) . . (-1) . . Reflected File Download (disable URLs)
- 09:37, 26 April 2017 (diff | hist) . . (+1,831) . . Reflected File Download (add basic information on RFD and references)
- 14:44, 21 April 2017 (diff | hist) . . (+960) . . SameSite (add text from my article https://ipsec.pl/python/2017/understanding-http-cookie-samesite-flag-usage-scenarios.html)
- 14:38, 21 April 2017 (diff | hist) . . (+370) . . Session Management Cheat Sheet (→HttpOnly Attribute: SameSite Attribute)
- 14:37, 21 April 2017 (diff | hist) . . (+62) . . m Session Management Cheat Sheet (→HttpOnly Attribute)
- 14:34, 21 April 2017 (diff | hist) . . (+66) . . Session Management Cheat Sheet (→Secure Attribute)
- 11:10, 21 April 2017 (diff | hist) . . (-30) . . Password Storage Cheat Sheet (→Leverage an adaptive one-way function: formatting, update Argon2 wording)
- 11:07, 21 April 2017 (diff | hist) . . (0) . . m Authentication Cheat Sheet (→Password Complexity: typo)
- 11:07, 21 April 2017 (diff | hist) . . (+130) . . Authentication Cheat Sheet (→Implement Proper Password Strength Controls: the presentation is from 2014 and most of the recommendations are addressed here)
- 11:01, 21 April 2017 (diff | hist) . . (+701) . . Authentication Cheat Sheet (→Password Managers: National Cyber Security Centre on password managers, update the recommendations)
- 13:06, 30 March 2017 (diff | hist) . . (+3) . . User:Pawel Krawczyk (current) (Tag: Visual edit: Switched)
- 06:52, 22 November 2016 (diff | hist) . . (-130) . . User:Pawel Krawczyk
- 20:54, 9 June 2015 (diff | hist) . . (-1,916) . . Transport Layer Protection Cheat Sheet (→Rule - REMOVED - Do Not Perform Redirects from Non-TLS Page to TLS Login Page: if it's removed, it should be removed)
- 20:53, 9 June 2015 (diff | hist) . . (-1) . . m HTTP Strict Transport Security (→Links: typo)
- 20:52, 9 June 2015 (diff | hist) . . (-1,374) . . Transport Layer Protection Cheat Sheet (→Rule - Use HTTP Strict Transport Security: link to appropriate articles on STS and PKP instead of duplicating content, add PKP)
- 20:52, 9 June 2015 (diff | hist) . . (+112) . . HTTP Strict Transport Security (→Links: add AppSec tutorials)
- 20:49, 9 June 2015 (diff | hist) . . (+47) . . Authentication Cheat Sheet (→SAML: reference SAML Security Cheat Sheet)
- 20:48, 9 June 2015 (diff | hist) . . (+1,676) . . SAML Security Cheat Sheet (→Validate Protocol Usage: further SAML validation recommendations)
- 20:33, 9 June 2015 (diff | hist) . . (0) . . m SAML Security Cheat Sheet (→Validate Protocol Processing Rules: typo)
- 20:33, 9 June 2015 (diff | hist) . . (-1) . . m SAML Security Cheat Sheet (→Validate Protocol Usage: typo)
- 20:33, 9 June 2015 (diff | hist) . . (+6,049) . . N SAML Security Cheat Sheet (add initial version based on Brad Broulik article (used with author's written permission, wikified and updated))
- 20:19, 9 June 2015 (diff | hist) . . (+1,135) . . Content Security Policy Cheat Sheet (→Removing unsafe-inline: add more examples of refactoring inline code)
- 20:49, 17 April 2015 (diff | hist) . . (-82) . . Certificate and Public Key Pinning (→HTTP pinning: RFC 7469)
- 15:40, 25 March 2015 (diff | hist) . . (+139) . . Test Upload of Malicious Files (OTG-BUSLOGIC-009) (→How to Test: EICAR anti-malware test file)
- 13:40, 9 February 2015 (diff | hist) . . (+352) . . Category:OWASP Speakers Project (Pawel Krawczyk)
- 14:54, 6 January 2015 (diff | hist) . . (-64) . . Poland (I'm inactive since Sept 2013)
- 12:40, 1 September 2014 (diff | hist) . . (+162) . . Content Security Policy (CspBuilder)
- 14:35, 23 July 2014 (diff | hist) . . (-21) . . m Cross-Site Request Forgery (CSRF) (better uTorrent link)
- 14:34, 23 July 2014 (diff | hist) . . (+34) . . Cross-Site Request Forgery (CSRF) (nowiki)
- 14:33, 23 July 2014 (diff | hist) . . (+5) . . m Cross-Site Request Forgery (CSRF) (formatting)
- 14:32, 23 July 2014 (diff | hist) . . (+2,261) . . Cross-Site Request Forgery (CSRF) (update, simplify, add PUT method)
- 10:50, 18 March 2014 (diff | hist) . . (+567) . . Certificate and Public Key Pinning (Public-Key-Pins HTTP header)
- 10:18, 16 January 2014 (diff | hist) . . (-1) . . m OWASP Code Review V2 Table of Contents (typo)
- 11:27, 14 June 2013 (diff | hist) . . (+1) . . m Category:OWASP Top Ten 2013 Project (typo)
- 10:01, 6 June 2013 (diff | hist) . . (-7) . . m OWASP Xenotix XSS Exploit Framework (typo)
- 13:51, 27 May 2013 (diff | hist) . . (-54) . . OWASP LAPSE Project (fix URL)
- 10:15, 22 May 2013 (diff | hist) . . (+52) . . Poland (Piotrek's presentation on CSP)
- 10:08, 9 May 2013 (diff | hist) . . (+101) . . Poland (add files, move to past)
- 10:07, 9 May 2013 (diff | hist) . . (+103) . . N File:Bezpieczeństwo a zarządzanie projektami (2013).pptx (Security in project management - presentation from the OWASP Poland meeting in Kraków, May 2013.) (current)
- 10:05, 9 May 2013 (diff | hist) . . (+89) . . N File:Obcy kod (2013).pptx (Foreign code in our pages - presentation from the OWASP Poland meeting in Kraków, May 2013.) (current)
- 10:50, 30 April 2013 (diff | hist) . . (-5) . . m Poland
- 10:49, 30 April 2013 (diff | hist) . . (+148) . . Poland (Seconference)
- 10:47, 30 April 2013 (diff | hist) . . (0) . . N File:Seconference logo.png (current)
- 11:36, 29 April 2013 (diff | hist) . . (+980) . . Poland
- 11:34, 29 April 2013 (diff | hist) . . (+24) . . Poland
- 11:34, 29 April 2013 (diff | hist) . . (-6) . . m Poland (width)
- 11:33, 29 April 2013 (diff | hist) . . (+13) . . Poland
- 11:32, 29 April 2013 (diff | hist) . . (+153) . . Poland (Confidence)
- 11:28, 29 April 2013 (diff | hist) . . (0) . . N File:Confidence 2013.png (current)
- 11:27, 29 April 2013 (diff | hist) . . (+1,855) . . Poland
- 13:30, 15 April 2013 (diff | hist) . . (+8) . . m Password special characters (minor fixes)
- 13:21, 15 April 2013 (diff | hist) . . (+9) . . Authentication Cheat Sheet (add reference to Password special characters)
- 13:18, 15 April 2013 (diff | hist) . . (+1,591) . . N Password special characters (added ASCII special characters table as reference)
- 08:52, 15 April 2013 (diff | hist) . . (+1,423) . . .NET Security Cheat Sheet (added MSDN references to some functions and concepts)
- 08:34, 4 April 2013 (diff | hist) . . (+110) . . m Poland
- 13:39, 13 March 2013 (diff | hist) . . (+55) . . Poland (ll)
- 13:04, 13 March 2013 (diff | hist) . . (+61) . . Poland (lm)
- 10:13, 8 March 2013 (diff | hist) . . (+60) . . m Poland (Krzysiek)
- 10:08, 8 March 2013 (diff | hist) . . (+6) . . m Poland (Content Security Policy)
- 11:09, 28 February 2013 (diff | hist) . . (+63) . . XSS (Cross Site Scripting) Prevention Cheat Sheet (mention ValidateRequest, leave ESAPI for Java only.)
- 21:11, 18 February 2013 (diff | hist) . . (+93) . . Poland (Farmaprom)
- 21:09, 18 February 2013 (diff | hist) . . (0) . . N File:Farmaprom logo.jpg (current)
- 16:41, 18 February 2013 (diff | hist) . . (+1,491) . . Poland (Warszawa)
- 12:42, 7 February 2013 (diff | hist) . . (+1,316) . . m Poland (update)
- 14:20, 6 February 2013 (diff | hist) . . (+1) . . m Poland
- 14:19, 6 February 2013 (diff | hist) . . (+424) . . Poland (February)
- 11:27, 1 February 2013 (diff | hist) . . (+87) . . m Poland (URL)
- 14:17, 22 January 2013 (diff | hist) . . (+4,288) . . N List of useful HTTP headers (create new page)
- 14:15, 22 January 2013 (diff | hist) . . (+117) . . m User:Pawel Krawczyk/List of useful HTTP headers (current)
- 14:13, 22 January 2013 (diff | hist) . . (+489) . . User:Pawel Krawczyk/List of useful HTTP headers (more description)
- 13:25, 22 January 2013 (diff | hist) . . (-946) . . Cryptographic Storage Cheat Sheet (Always ensure data integrity and authenticity, promote OWASP ESAPI, remove detailed discussion (this is cheatsheet!), removed non-existent page on Crypto++ wiki)
- 21:48, 21 January 2013 (diff | hist) . . (+57) . . m User talk:Jmanico
- 21:47, 21 January 2013 (diff | hist) . . (+496) . . m User talk:Jmanico (MAC)
- 19:03, 14 January 2013 (diff | hist) . . (-12) . . User:Pawel Krawczyk/List of useful HTTP headers
- 19:03, 14 January 2013 (diff | hist) . . (+48) . . User:Pawel Krawczyk/List of useful HTTP headers
- 19:01, 14 January 2013 (diff | hist) . . (+51) . . User:Pawel Krawczyk/List of useful HTTP headers
- 18:57, 14 January 2013 (diff | hist) . . (0) . . m User:Pawel Krawczyk/List of useful HTTP headers
- 18:56, 14 January 2013 (diff | hist) . . (-5) . . User:Pawel Krawczyk/List of useful HTTP headers
- 18:55, 14 January 2013 (diff | hist) . . (-362) . . m User:Pawel Krawczyk/List of useful HTTP headers (-refs)
- 18:52, 14 January 2013 (diff | hist) . . (+11) . . m User:Pawel Krawczyk/List of useful HTTP headers (border)
- 18:51, 14 January 2013 (diff | hist) . . (+2,044) . . m User:Pawel Krawczyk/List of useful HTTP headers
- 18:28, 14 January 2013 (diff | hist) . . (+138) . . m User:Pawel Krawczyk/List of useful HTTP headers (indent)
- 18:15, 14 January 2013 (diff | hist) . . (+75) . . m User:Pawel Krawczyk
- 16:33, 14 January 2013 (diff | hist) . . (-49) . . m User:Pawel Krawczyk/List of useful HTTP headers
- 16:32, 14 January 2013 (diff | hist) . . (+1,818) . . N User:Pawel Krawczyk/List of useful HTTP headers (new page)
- 16:16, 14 January 2013 (diff | hist) . . (+2) . . m User:Pawel Krawczyk (fixed links)
- 16:15, 14 January 2013 (diff | hist) . . (+145) . . m User:Pawel Krawczyk (updates)
- 17:26, 5 December 2012 (diff | hist) . . (0) . . m Poland (typo)
- 13:21, 26 November 2012 (diff | hist) . . (+85) . . Poland (mailhide)
- 13:20, 26 November 2012 (diff | hist) . . (+3) . . m Poland (dr)
- 13:19, 26 November 2012 (diff | hist) . . (+500) . . Poland (December 2012)
- 19:40, 26 September 2012 (diff | hist) . . (+170) . . m Poland (+prezi)
- 22:01, 17 September 2012 (diff | hist) . . (+226) . . Poland
- 21:58, 17 September 2012 (diff | hist) . . (-3) . . m Poland
- 21:57, 17 September 2012 (diff | hist) . . (+350) . . Poland (Kraków)
- 08:00, 7 September 2012 (diff | hist) . . (+50) . . Poland (Eventbrite)
- 07:05, 7 September 2012 (diff | hist) . . (+1,545) . . Poland (Warsaw - October 2012)
- 14:22, 6 September 2012 (diff | hist) . . (+497) . . Authentication Cheat Sheet (updated password complexity rules; referenced MFA to Wikipedia list of tokens)
- 18:18, 4 September 2012 (diff | hist) . . (+534) . . Authentication Cheat Sheet (updated minimum password lengths based on NIST SP; added section on Password Managers)
- 12:55, 31 August 2012 (diff | hist) . . (+316) . . Authentication Cheat Sheet (update minimum password length to 12 characters and mention passphrases)
- 11:07, 23 May 2012 (diff | hist) . . (+68) . . m Poland (presentation files)
- 11:07, 23 May 2012 (diff | hist) . . (+520) . . N File:Hardening iis.pdf (Łukasz Tomaszkiewicz, "Hardening IIS" Patching systems (+ Baseline Security Analyzer) Web Application Security Analyzer Removing unnecessary IIS components Address security (long URLs and query strings, UTF in URLs, double-encoded r) (current)
- 11:04, 23 May 2012 (diff | hist) . . (+95) . . N File:Prezentacja csrf j-labs.pdf (What protections against CSRF (if any) popular Java web frameworks offer.) (current)
- 07:07, 14 May 2012 (diff | hist) . . (+154) . . m Poland (description)
- 12:39, 11 May 2012 (diff | hist) . . (+475) . . Poland (agenda)
- 18:49, 10 May 2012 (diff | hist) . . (+436) . . Poland (social networks etc)
- 18:32, 10 May 2012 (diff | hist) . . (+33,289) . . Poland (May 2012)
- 18:31, 10 May 2012 (diff | hist) . . (-32,771) . . Poland (Blanked the page)
- 05:55, 8 May 2012 (diff | hist) . . (-8) . . m London (updated title of my presentation)
- 18:36, 18 January 2012 (diff | hist) . . (+89) . . m Poland (urls)
- 18:33, 18 January 2012 (diff | hist) . . (+5) . . m Poland (org name)
- 11:11, 30 December 2011 (diff | hist) . . (+200) . . m Poland (+link)
- 09:06, 24 November 2011 (diff | hist) . . (+45) . . m Poland
- 21:11, 23 November 2011 (diff | hist) . . (+51) . . m Poland (link)
- 13:56, 3 November 2011 (diff | hist) . . (+212) . . HttpOnly (up to date statistics on browsers and frameworks supporting httpOnly)
- 06:53, 21 October 2011 (diff | hist) . . (+68) . . m Poland
- 06:51, 21 October 2011 (diff | hist) . . (+23) . . m Poland
- 10:25, 16 September 2011 (diff | hist) . . (+126) . . m Poland
- 10:21, 16 September 2011 (diff | hist) . . (+16) . . m Poland
- 10:20, 16 September 2011 (diff | hist) . . (+51) . . m Poland (HTML5 presentation)
- 10:18, 16 September 2011 (diff | hist) . . (+115) . . N File:Html5-something wicked this way comes owasp.pdf (Krzysztof Kotowicz presentation on HTML5 threats. Presented on OWASP Poland on 14 September 2011. English language.) (current)
- 17:27, 7 September 2011 (diff | hist) . . (+2,445) . . Poland (Warsaw)
- 10:50, 7 September 2011 (diff | hist) . . (+11) . . m Poland
- 10:49, 7 September 2011 (diff | hist) . . (+1,301) . . Poland (abstract)
- 07:21, 7 September 2011 (diff | hist) . . (+88) . . m Poland (date change)
- 08:34, 2 September 2011 (diff | hist) . . (-8) . . m Poland
- 08:34, 2 September 2011 (diff | hist) . . (0) . . File:Secure2011-pl-header.gif (uploaded a new version of "File:Secure2011-pl-header.gif") (current)
- 08:32, 2 September 2011 (diff | hist) . . (+6) . . m Poland
- 08:29, 2 September 2011 (diff | hist) . . (+2) . . Poland (Secure 2011 + image)
- 08:29, 2 September 2011 (diff | hist) . . (0) . . N File:Secure2011-pl-header.gif
- 08:28, 2 September 2011 (diff | hist) . . (+277) . . Poland (Secure 2011 stub)
- 05:40, 2 September 2011 (diff | hist) . . (-18) . . m Poland (koto)
- 11:02, 1 September 2011 (diff | hist) . . (+3) . . m Poland
- 21:47, 31 August 2011 (diff | hist) . . (+9) . . Poland (pk)
- 12:54, 31 August 2011 (diff | hist) . . (+25) . . m Poland (dr tech)
- 12:05, 31 August 2011 (diff | hist) . . (+345) . . Poland (September meeting)
- 06:23, 9 June 2011 (diff | hist) . . (+300) . . Poland (InfoTRAMS)
- 17:10, 23 May 2011 (diff | hist) . . (+80) . . Poland (last minute change)
- 12:54, 19 May 2011 (diff | hist) . . (+23) . . m Poland (language)
- 05:32, 19 May 2011 (diff | hist) . . (+30) . . m Poland (KPT intro)
- 07:31, 18 May 2011 (diff | hist) . . (-12) . . m Poland (PK update)
- 14:43, 17 May 2011 (diff | hist) . . (+65) . . m Poland (add PDF presentation from January)
- 14:41, 17 May 2011 (diff | hist) . . (+58) . . N File:OWASP 2011 - Michał Kurek - Cross-Site Scripting.pdf (Michał Kurek presentation from OWASP Kraków 2011 meeting) (current)
- 14:36, 17 May 2011 (diff | hist) . . (+50) . . m Poland (ISSA)
- 11:57, 17 May 2011 (diff | hist) . . (+82) . . m Poland (coordinator telephone)
- 08:51, 17 May 2011 (diff | hist) . . (+70) . . m Poland (minor image fixups)
- 08:47, 17 May 2011 (diff | hist) . . (+30) . . m Poland (conference hall)
- 08:44, 17 May 2011 (diff | hist) . . (+87) . . Poland (logo of Cracow Technology Park, partner of OWASP Krakow meetings)
- 08:40, 17 May 2011 (diff | hist) . . (+89) . . N File:Logo.gif (Cracow Technology Park (Krakowski Park Technologiczny), partner of OWASP Krakow meetings.)
- 05:59, 16 May 2011 (diff | hist) . . (+7) . . m Poland (hour)
- 18:58, 15 May 2011 (diff | hist) . . (+194) . . Poland (23. May 2011 - Krakow)
- 09:53, 12 April 2011 (diff | hist) . . (+56) . . m Poland (+url)
- 11:19, 25 January 2010 (diff | hist) . . (+275) . . HttpOnly (Tomcat 6, JBoss)
- 19:28, 20 January 2010 (diff | hist) . . (-223) . . Category:OWASP Code Review Project (→Code review tool: CodeCrawler link update)
- 11:46, 11 January 2010 (diff | hist) . . (+650) . . Cryptographic Storage Cheat Sheet (→Rule - Store the hash value of passwords: references)
- 09:29, 20 November 2009 (diff | hist) . . (+465) . . HttpOnly (fixing httpOnly using WAFs)
- 14:57, 18 November 2009 (diff | hist) . . (+319) . . Testing for SSL-TLS (OWASP-CM-001) (→SSL testing criteria: SSL Rating Guide, SSL Server Database, TLS Renegotiation)
- 09:09, 9 October 2009 (diff | hist) . . (-2) . . m Broken Authentication and Session Management (Corrected syntax of AUTOCOMPLETE attribute)
- 13:49, 24 August 2009 (diff | hist) . . (+30) . . User:Pawel Krawczyk
- 13:49, 24 August 2009 (diff | hist) . . (-171) . . User:Pawel Krawczyk
- 13:39, 24 August 2009 (diff | hist) . . (+2,059) . . Testing for SSL-TLS (OWASP-CM-001) (→Testing SSL / TLS cipher specifications and requirements for site: specific SSL testing criteria and standards)
- 10:41, 2 August 2009 (diff | hist) . . (+55) . . m HttpOnly (→Overview: formatting)
- 10:40, 2 August 2009 (diff | hist) . . (+450) . . HttpOnly (→Overview: setcookie())
- 10:29, 2 August 2009 (diff | hist) . . (+7) . . m HttpOnly (→Overview: value for session.cookie_httponly for example completeness)
- 14:57, 21 July 2009 (diff | hist) . . (+142) . . HttpOnly (→Overview: Session cookie interface in EE6)
- 14:22, 21 July 2009 (diff | hist) . . (+169) . . HttpOnly (→Overview: httpOnly was added in EE 6 Servlet 3, description of workaround for older version)