-
Verify remote IFRAMEs and HTML5 cross-domain resource sharing do not allow inclusion of arbitrary remote content.
HydraNorth notes:
Blacklight notes:
Testing notes:
-
Verify that credentials, and all other identity information handled by the application(s), do not traverse unencrypted or weakly encrypted links.
HydraNorth notes:
Blacklight notes:
Testing notes:
-
Verify all pages and resources require authentication except those specifically intended to be public (Principle of complete mediation).
HydraNorth notes:
Blacklight notes:
Testing notes:
-
@jaimergp found this https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
We should curate some trusted resources in the readme maybe?
-
Open-source validations for securely checking user input
-
https://cheatsheetseries.owasp.org/index.html
-
```
Add OWASP 1-liner application:
http://1-liner.org/
https://www.owasp.org/index.php/OWASP_1-Liner
```
Original issue reported on code.google.com by `chuck.f....@gmail.com` on 7 Sep 2012 at 12:4…
-
```
Hi folks,
Any chance of including the OWASP Zed Attack Proxy -
https://code.google.com/p/zaproxy ?
Many thanks,
Psiinon
```
Original issue reported on code.google.com by `psii...@gmail.com` o…
-
- Site: [https://hapi.f5labs.dev](https://hapi.f5labs.dev)
**New Alerts**
- **Insufficient Site Isolation Against Spectre Vulnerability** [90004] total: 2:
- [https://hapi.f5labs.dev/fhir/Bi…