HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 36 guests and 2 members online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Web Applicationsarrow OWASP Top 10 for 2010
EH-Net
May 24, 2013, 07:09:31 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: OWASP Top 10 for 2010  (Read 4607 times)
0 Members and 1 Guest are viewing this topic.
UNIX
Hero Member
*****
Offline Offline

Posts: 1235


View Profile
« on: April 21, 2010, 02:13:19 PM »
OWASP released a few days ago their Top 10 for 2010.

Quote
A1: Injection
A2: Cross-Site Scripting (XSS)
A3: Broken Authentication and Session Management
A4: Insecure Direct Object References
A5: Cross-Site Request Forgery (CSRF)
A6: Security Misconfiguration
A7: Insecure Cryptographic Storage
A8: Failure to Restrict URL Access
A9: Insufficient Transport Layer Protection
A10: Unvalidated Redirects and Forwards

More here.
Logged
j0rDy
Hero Member
*****
Offline Offline

Posts: 590


View Profile
« Reply #1 on: April 22, 2010, 04:30:32 AM »
And (SQL) injection is back on top! OWASP has some good information and tools. there are tons of projects that people havent even heard of and they keep doing great things.

Thanks awesec!
Logged
ISC2 Associate, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
Synquell
Full Member
***
Offline Offline

Posts: 169



View Profile
« Reply #2 on: April 22, 2010, 06:24:11 AM »
Indeed! Going to my first OWASP chapter meeting in a month, looking forward to it.
Knowing every item on this top 10 list is high on my priorities :-)
Logged
Twitter: https://twitter.com/dietervds
Blog: https://synquell.wordpress.com (not much there yet)

The beginning of knowledge is the discovery of something we do not understand.
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #3 on: April 22, 2010, 07:57:14 PM »
Yep, SQLi is still every bit as powerful as it has been.
Logged
~~~~~~~~~~~~~~
Ketchup
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.08 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.