Book:Web Application Security: A Comprehensive Overview

This is a LIMSwiki book, a collection of LIMSwiki articles that can be easily saved, rendered electronically, and ordered as a printed book.



Web Application Security: A Comprehensive Overview

This volume provides a comprehensive overview of "common web application security issues and methods how to prevent them." The content originates from the associated Wikibook and is made available under the Creative Commons Attribution-ShareAlike 3.0 Unported license. The associated Wikipedia article on the topic is also appended to give additional introductory context. (A print-friendly version also exists.)

Introducing web application security
Opening comments
Checklist
Miscellaneous points
File inclusion and disclosure
File upload vulnerabilities
SQL injection
Cross-site scripting (XSS)
XML and internal data escaping
XML, JSON and general API security
(Un)trusted input
Cross-site request forgery (CSRF)
Clickjacking
Insecure data transfer
Session fixation
Session stealing
Truncation attacks, trimming attacks
Password security
Comparison issues
PHP-specific issues
Prefetching and spiders
Special files
SSL, TLS and HTTPS basics
Further reading
Authors