T4GG.com - /web security/

» Web Application Security Consortium - 110 days ago (webappsec.org)

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

browse: browsers, hacking, scripting, web security, whid

» Burp Suite - 132 days ago (portswigger.net)

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting and extensibility. Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.

browse: burp, http request, official site, proxy, tools, web security

» Sleuth - Web Application Auditing Tool - 132 days ago (sandsprite.com)

Sleuth is Web Application analysis tool. It has been designed to help you probe through a site to try to gather insight into how it works and how the authors designed it. Sleuth was born in the midst of a Web Application Security Audit when It felt that that a custom tool was needed to preform the job efficiently.

browse: auditing, scanner, sleuth, tools, web security

» Nikto - 132 days ago (cirt.net)

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

browse: cert, nikto, official site, scanner, tools, web security

» OWASP - The Open Web Application Security Project - 135 days ago (owasp.org)

The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Their mission is to make application security "visible," so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under an open source license.

browse: csrf, official site, owasp, sql, web security, wiki, xss

» Google Doctype - 136 days ago (code.google.com)

Google Doctype is an open encyclopedia and reference library. Written by web developers, for web developers. It includes articles on web security, JavaScript DOM manipulation, CSS tips and tricks, and more. The reference section includes a growing library of test cases for checking cross-browser and cross-platform compatibility.

browse: css, documentation, dom manipulation, javascript, web security

» The Honeynet Project - 153 days ago (honeynet.org)

The Honeynet Project goal is to improve the security of the Internet by sharing lessons learned about the most common online threats. This includes a excellent "Know Your Enemy" series of whitepapers covering Web Application Threats, Fast-Flux Service Networks, Malicious Web Servers, Phishing and more. Also available on the site are a number of honeypot tools available for free download.

browse: honeynet, hacking, tools, web security, whitepapers

» DISORG - Digital Intelligence and Strategic Operations Group - 154 days ago (disog.org)

Excellent blog covering digital intelligence with a focus towards bot hunting, malware detection and online surveillance.

browse: blogs, botnet, honeypot, information security, web security

» Dancho Danchev - Mind Streams of Information Security Knowledge - 154 days ago (ddanchev.blogspot.com)

This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude.

browse: blogs, information security, web security

» The Hacker Webzine - 155 days ago (0x000000.com)

Updated regularly The Hacker Webzine is a great site with hundreds of mini articles covering a variety of topics all associated with web application and browser based security.

browse: news, hacking, csrf, xss, web security