[25957] in bugtraq
Now Online OWASP Guide to Building Secure Web Applications
daemon@ATHENA.MIT.EDU (The Owasp Project)
Wed Jun 26 23:08:56 2002
Message-ID: <200206251940.PAA23431@arkroyal.cnchost.com>
Errors-To: <owasp@owasp.org>
From: The Owasp Project <owasp@owasp.org>
To: bugtraq@securityfocus.com
Reply-To: owasp@owasp.org
Date: Tue, 25 Jun 2002 12:40:32 -0700 (PST)
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

We are pleased to announce that the first release of
the Open Web Application Security Project “Guide to
Building Secure Web Applications” is now online in
both pdf (1.67Mb) and HTML.

The Guide covers various web application security
topics from architecture to preventing attack
specifics like cross site scripting, cookie
poisoning and SQL injection. It's 80 pages of pure
web application security and no vendor marketing in
sight! The document is released under the GNU
documentation license and was a community volunteer
effort. Big kudos to all those involved.

You can download the Guide from the front page at
http://www.owasp.org

This is just one of several projects underway
including an open source web application scanner
called WebScarab (due end of the year), a set of
generic APIs called Filters to allow developers to
easily protect their applications from malicious
input / output such as XSS (due in next 3 months)
and a formal testing methodology. Future projects
include an intentionally buggy application for
testing and learning, called WebMaven.

Oh, and did we mention it's all open source and free!

If you like the work, want to contribute or have
suggestions for improvements, please drop us a mail.
owasp@owasp.org

The Open Web Application Security Project
http://www.owasp.org