Wikibooks:Collections/Web Application Security Guide

From Wikibooks, open books for an open world
Web Application Security Guide
This is a collection of the pages in a Wikibooks book that can be easily saved, rendered electronically, and ordered as a printed book. For information and help on Wikibooks collections, see Help:Collections.

Miscellaneous points
File inclusion and disclosure
File upload vulnerabilities
SQL injection
Cross-site scripting (XSS)
XML and internal data escaping
(Un)trusted input
Cross-site request forgery (CSRF)
XML, JSON and general API security
Insecure data transfer
Session fixation
Session stealing
Truncation attacks, trimming attacks
Password security
Comparison issues
PHP-specific issues
Prefetching and Spiders
Special files
SSL, TLS and HTTPS basics
Further reading