Home/ Coders/ Group items tagged security

objectivist ursilly

Category:OWASP Top Ten Project - OWASP - 6 views

  •  
    OWASP top ten web application security flaws
Matteo Spreafico

CWE - 2011 CWE/SANS Top 25 Most Dangerous Software Errors - 4 views

  •  
    A list of the most widespread and critical errors that can lead to serious vulnerabilities in software. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
Oeil-de-nuit -_-

HTML Purifier - Filter your HTML the standards-compliant way! - 5 views

  •  
    HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. Tired of using BBCode due to the current landscape of deficient or insecure HTML filters? Have a WYSIWYG editor but never been able to use it? Looking for high-quality, standards-compliant, open-source components for that application you're building? HTML Purifier is for you!
Joel Bennett

Performance & Security for Any Website | CloudFlare (Private Beta) | Overview - 1 views

  • CloudFlare protects and accelerates any website online. Once your website is a part of the CloudFlare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: CloudFlare-powered websites see a significant improvement in performance and a decrease in spam and other attacks.
  •  
    CloudFlare claims they can keep spambots off your website, and even stop SQL injection and XSS attacks before they hit your servers ... and they're willing to do part of that for FREE
awqi zar

TidBITS Safe Computing: An Introduction to File Encryption in Mac OS X - 3 views

  •  
    This article is an excerpt from Chapter 13, "Encrypting and Securely Deleting Files," reprinted with the kind permission of Wiley. File encryption is of course just one tiny piece of the security puzzle, but it's worth knowing about if you keep confidential data on your Mac, especially if the computer is ever out of your physical control - which would include being lost or stolen.
Joel Bennett

MiniFuzz File Fuzzer - Microsoft Download details - 1 views

  •  
    "MiniFuzz is a very simple fuzzer designed to ease adoption of fuzz testing by non-security people who are unfamiliar with file fuzzing tools or have never used them in their current software development processes."
Oeil-de-nuit -_-

Stop data inserting into a database twice - Stack Overflow - 0 views

  •  
    * HTTP `Location: ...` header to redirect; known as the Post/Redirect/Get design pattern.
    * Nonces (Number used only once) included in the page as a hidden form field (client-side); and server-side: either stored in the user-session or in the database as the primary key (or at least a unique field) of the table you insert into.
    * Disable the submit button (drawbacks for the user).
    * md5 hash on the content of the submitted data.
David Corking

fbcdn.net i.e. facebook - On the internet - 0 views

  • By having a domain that isn't just a subdomain (i.e., x.facebook.com) like fbcdn.net, each request isn't burdened with the additional cookies and thus minimizes the bandwidth required on the request
  •  
    So what is the best way to set up NoScript to avoid XSS attacks from Facebook users?
David Corking

Twitter XSS Strikes Again | SophosLabs blog | April 18 2009 - 0 views

  •  
    "It is still a good idea to run Firefox and NoScript to help protect yourself from all kinds of Javascript attacks."

    Not more of this?!
David Corking

Coding Horror: Top 25 Most Dangerous Programming Mistakes | 2009 - 0 views

  • Heck, even if you are aware of these security mistakes, you might end up committing them anyway. I know I have.

    Have you?

    • David Corking
       
      :)
  •  
    Some old, some from the 2000s, some still happening too often.
Rajan Datta

AdaCore - Home > GNAT Pro > The Tokeneer Project - 0 views

  •  
    NSA-led project for an approach to highly secure systems. Keywords: Ada, Praxis, Correctness by Construction
Joel Bennett

OAuth - An open protocol to allow secure API authorization in a simple and standard met... - 0 views

  •  
    An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.
Joel Bennett

OWASP Validation Project - OWASP - 0 views

  •  
    OWASP CSRF Guard - protects a web application from Cross-Site Request Forgery attacks through the use of a unique random request token...
Joel Bennett

IdentityBlog - Digital Identity, Privacy ... - 0 views

  •  
    Microsoft's number one identity blogger.