[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Am I missing anything ?

To: codeshepherd@xxxxxxxxx (Deeþàn Chakravarthÿ)
Subject: Re: [Full-disclosure] Am I missing anything ?
From: bugtraq@xxxxxxxxxxxxxxx
Date: Mon, 23 Jul 2007 13:21:25 -0400 (EDT)

I would advise checking out the Threat Classification by The Web Application 
Security Consortium
at http://www.webappsec.org/projects/threat/.

Version 2 is in the works and should be out in a month or so with MANY updates.

- Robert

> 
> Hi All,
>    Just wondered if I am missing anything important. Am planning to give 
> talk on web security.
> Is there any other technique other than the following I have to speak 
> about ?
> 
> 1)XSS
> 2)CSRF
> 3)SQL Injection
> 4)AJAX/JSON hijacking
> 5)HTTP response splitting
> 6)RFI
> 7)CRLF
> 8)MITM
> 
> Thanks
> Deepan
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Am I missing anything ?
  - From: Deeþàn Chakravarthÿ

Prev by Date: Re: [Full-disclosure] In ur server-status
Next by Date: Re: [Full-disclosure] [WEB SECURITY] Am I missing anything ?
Previous by thread: Re: [Full-disclosure] Am I missing anything ?
Next by thread: Re: [Full-disclosure] [WEB SECURITY] Am I missing anything ?
Index(es):
- Date
- Thread