owasp | Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky

contrast security plugin for eclipse

Jeanne Boyarsky — Sun, 02 Nov 2014 21:16:31 +0000

I recently learned that Contrast Security has a free plugin that tests your application against the OWASP Top 10. We’ve tried to fix these already. You can read about how we fixed Clickjacking, CSRF and XSS in JForum. Installing I started out … Continue reading →

The post contrast security plugin for eclipse first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

contrast security plugin for eclipse was first posted on November 2, 2014 at 4:16 pm.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net

blogging from owasp security meetup

Jeanne Boyarsky — Fri, 14 Jun 2013 17:50:23 +0000

The NYC Cyber Security meetup had Jeff Williams as a speaker. He’s really good so I decided to go and blog about it. All three sessions were really good! Which sets good expectations for the Appsec USA conference which I’m thinking … Continue reading →

The post blogging from owasp security meetup first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

blogging from owasp security meetup was first posted on June 14, 2013 at 1:50 pm.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net

csrf for JForum without javascript

Jeanne Boyarsky — Sat, 23 Mar 2013 16:03:54 +0000

In February, I wrote a three part series on how we fixed JForum on coderanch to protect from CSRF. In included; Analysis Extending OWASP Problems Remaining problems Unfortunately, there were three remaining problems. Some mobile devices weren’t able to handle … Continue reading →

The post csrf for JForum without javascript first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

csrf for JForum without javascript was first posted on March 23, 2013 at 12:03 pm.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net

fixing csrf for jforum and csrf filter analysis (part 1)

Jeanne Boyarsky — Sat, 09 Feb 2013 15:50:01 +0000

This post goes through how we fixed CSRF (cross site request forgery) in JForum, issues encountered and approach. It is useful reading for anyone who needs to protect against CSRF on their website. Background Stock JForum has a number of … Continue reading →

The post fixing csrf for jforum and csrf filter analysis (part 1) first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

fixing csrf for jforum and csrf filter analysis (part 1) was first posted on February 9, 2013 at 10:50 am.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net

csrf – jforum cleanup and problems

Jeanne Boyarsky — Sat, 09 Feb 2013 15:47:26 +0000

See part 1 for how we got here and part 2 for how we changed the OWASP filter. Code cleanup and problems There is some poorly written code in JForum that CSRF now prevents from working. In these cases, I needed … Continue reading →

The post csrf – jforum cleanup and problems first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

csrf – jforum cleanup and problems was first posted on February 9, 2013 at 10:47 am.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net

csrf – extending the owasp solution and “interesting” IE javascript bugs (part 2)

Jeanne Boyarsky — Sat, 09 Feb 2013 15:34:59 +0000

While implementing CSRF for JForum, I needed to extend the OWASP solution. Let me tell you, they don’t make it easy to extend. Lots of final. Here’s what I did – linked to code on github. To read about the … Continue reading →

The post csrf – extending the owasp solution and “interesting” IE javascript bugs (part 2) first appeared on Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky.

csrf – extending the owasp solution and “interesting” IE javascript bugs (part 2) was first posted on February 9, 2013 at 10:34 am.
©2019 "Down Home Country Coding With Scott Selikoff and Jeanne Boyarsky". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at scott@selikoff.net