Website Vulnerabilities

Nov 9, 2009   //   by Ben Griswold   //   Blog  //  No Comments

The folks at the Open Web Application Security Project publish a list of the top 10 vulnerabilities. In a recent CodeBrew I provided a quick overview of them all and spent a good amount of time focusing on the most prevalent vulnerability, Cross Site Scripting (XSS).

I gave an overview of XSS, stepped through a quick demo (sorry vulnerable site), reviewed the three XSS variations and talked a bit about how to protect one’s site.

References and reading materials were also included in the presentation and, look at that, they are provided here too.

  1. Open Web Application Security Project
  2. The OWASP Top Ten Vulnerabilities (pdf)
  3. OWASP List of Vulnerabilities
  4. The 56 Geeks Project by Scott Johnson
  5. ha.ckers.org
  6. OWASP XSS Prevention Cheat Sheet
  7. Wikipedia
  8. Is XSS Solvable?, Don Ankney
  9. The Anatomy of Cross Site Scripting, Gavin Zuchlinski

Leave a comment

(will not be published)

Recent Posts

Tag Cloud

PCs reference culture History Scrum passwords JavaScript Opinion IPO recruiting Automation IE8 Prefix operator Diagrams css marketing html Python Firefox ++ Software Agile Programming operator++ -- Macs Anniversary reliability malware social media Java safari Windows Noah Heldman adobe flash Flashback Virus Module Pattern Mike Mannion managing projects ASP.NET MVC 3 Best Practices const Operating Systems Session pointer Google Chrome Postfix operator project management longevity Mark Zuckerberg privacy apple quality Facebook C++ Ray Mitchell brett humphrey