This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Template:OWASP News
From OWASP
- Aug 31 - OWASP Autumn Of Code 2006
- Today we are lauching a new project called "OWASP Autumn of Code 2006" which will sponsor individuals to work on existing OWASP Projects.
- Aug 31 - Article about OWASP on Banca Finanza magazine
- Banca Finanza mag has interviewed Raoul Chiesa talking about the new risks for the on-line banking security. Raoul speaks about OWASP and web application security.
- Aug 27 - New OWASP Projects
- Check out these three new tool projects starting and join us in making them better.
- LAPSE - J2EE static analysis tool
- SQLiX - SQL injection scanner
- Pantera - Web application analysis engine
- Aug 14 - Detailed analysis of application security tools
- Holger Peine of the Fraunhofer Institute compares a number of free tools (WebScarab, Paros, Burp Suite, Spike Proxy), and commercial tools (AppScan, WebInspect, Acunetix). The methodology is quite detailed and uses OWASP's WebGoat and a 'normal' web application.
- Aug 14 - When Phishing Evolves to Pharming
- "Phishing is evolving into a new type of attack called pharming. Pharming redirects users to fraudulent websites seamlessly without any suspicious activity such as spam mail that asks a user to login at a website. This paper analyses possible vectors of pharming and creates a threat model for it with attack tree." OWASP would like to thank Cheong Kai Wee for the submission of this paper! Click here for details on submitting your own paper to the OWASP Papers Program.
