HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 241 guests online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Web Applicationsarrow OWASP CSRFGuard
EH-Net
May 20, 2013, 03:53:15 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: OWASP CSRFGuard  (Read 2885 times)
0 Members and 1 Guest are viewing this topic.
Xorcist
Newbie
*
Offline Offline

Posts: 2


View Profile
« on: April 15, 2012, 12:36:44 AM »
hey guys..
How good is CSRFguard? i am trying to configure my web application which is based on Tomcat server with CSRFGuard to protect it against CSRF attacks.. but not sure how good is this solution?
had anyone experienced CSRFguard?? if positive, please point me to some place where i can get a right configuration of CSRFGuard.
and.. is this this being continuously supported by owasp?
Logged
millwalll
Guest
« Reply #1 on: April 16, 2012, 03:08:10 PM »
I have never used it saying that OWASP project are pretty good. I would say asking on the OWASP site would be the best place for an answer.
Logged
ambient
Newbie
*
Offline Offline

Posts: 20



View Profile WWW
« Reply #2 on: April 17, 2012, 12:19:41 PM »
l think implementing an anti-CSRF mechanism in our application is not difficult. You can turn on/off your mechanism at arbitrary points. Moreover, with java platform, if you use some frameworks like struts, you can use its built-in anti CSRF mechanism.

For CSRF guard, I have never used  Huh

 
Logged
We secure the nation.
GPEN,eCPPT,C|EH,CCNA
http://incognitolab.com/
https://www.facebook.com/secure.thailand
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #3 on: April 17, 2012, 12:30:50 PM »
The last commit was 2 months ago and the mailing list appears to be somewhat active, so would say it's fairly current. I have not used it but would note the project is listed as Alpha as is the case with many OWASP projects.
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.057 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.