From: bugtraq@cgisecurity.net
Date: Thu Feb 21 2008 - 17:52:19 EST
Check out the WASC Threat Classification Document. It has a good rundown of the types
of attacks as well as examples and links to further reading on each.
http://www.webappsec.org/projects/threat/
- Robert
http://www.cgisecurity.com/
http://www.qasec.com/
http://www.webappsec.org/
>
> Hi Everybody,
>
> I will performed an audit for web applications (XSS on GET/POST
> method, Path transversal, etc...). Do you have some documents on how
> perform it correctly, methodology, examples of reporting, etc. ?
>
> Thanks a lot in advance for your help,
>
>
> mih4ke
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:25 EDT