Open Web Application Security Project -- promotes the cause of application security. The cause of AppSec: software that is more resistant to hackers.
Members (61)

Stream

Timur Khrotko
owner

Radar (interesting)
 
"The OWASP Winter Code Sprint (OWCS) is a program to involve students with Security projects. By participating in OWCS a student can get real life experience while contributing to an open source project and getting university credits."

Timur Khrotko
owner

Repo (useful)
 
"The OWASP HTML Sanitizer is a fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS."

Timur Khrotko
owner

Radar (interesting)
 
OWASP Developer Guide Reboot (V3)
"This is the development version of the OWASP Developer Guide, and will be converted into PDF & MediaWiki for publishing when complete."

Timur Khrotko
owner

Repo (useful)
 
CR V2 (new version RC)
"Code review is probably the single-most effective technique for identifying security flaws early in the system development lifecycle. When used together with automated tools and manual penetration testing, code review can significantly increase the cost effectiveness of an application security verification effort."

Timur Khrotko
owner

Radar (interesting)
 
OWASP SSL audit for testers / OWASP SSL advanced forensic tool

Timur Khrotko
owner

Gazette (official)

Timur Khrotko
owner

Radar (interesting)

Timur Khrotko
owner

Radar (interesting)
 
"The OWASP Cornucopia project has been shortlisted for an award in a competition run by the .UK registrar."
- for more on the project, see my previous post.

Timur Khrotko
owner

Radar (interesting)
 
 
Easy and long passwords are more secure than complex but short ones!
Please remember this while building the password field in any registration form.

Andras Sziranyi

Repo (useful)

About this community

The local OWASP chapter represents and promotes the cause of application security in Hungary. The chapter's presence and impact depend on the community standing behind it, that is, on you too! ✦ AppSec -- make it visible! ✦ This G+ community was created as an interactive platform for those who are interested in and support application security, and for actively acquiring and sharing AppSec knowledge. (In the LinkedIn group referenced below, you can follow/run the OWASP HU chapter with your official persona.)

Timur Khrotko
owner

Repo (useful)
 
"The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting."

Timur Khrotko
owner

Repo (useful)
 
"The OWASP JSON Sanitizer Project is a simple to use Java library that can be attached at either end of a data-pipeline. When applied to JSON-like content, this project will produce well-formed JSON that should satisfy any parser you use. When applied to your output before you send, it will coerce minor mistakes in encoding and make it easier to embed your JSON in HTML and XML. This library will make sure that ad-hoc JSON outputs are standards compliant and safe to pass to (overly) powerful deserializers like Javascript's eval() operator."

Timur Khrotko
owner

Repo (useful)
 
Testing Guide (new version RC)
"In conjunction with other OWASP projects such as the Code review Guide, the Development Guide and tools such as OWASP ZAP, this is a great start towards building and maintaining secure applications."

Zoltán Németh

Radar (interesting)
 
Video recordings of the talks from the Ethical Hacking Conference (May 22, 2014)
(the others are available here too)

Secret life of routers - Peter Košinár

For me, the talks by Peter Kosinár, Veres-Szentkirályi András and
Molnár Gábor stand out.

Timur Khrotko
owner

Gazette (official)
 
AppSecEU live

Timur Khrotko
owner

Radar (interesting)
 
Hangout event! Jun 24.
OWASP Developer Guide Hack-A-Thon * edit - we had to move days to make sure Eoin did not have to clone himself * Straight after Eoin's talk, I will be available in the morning (10 AM - 1 pm UK time) to discuss the Developer Guide, any questions you might have, get assignments, or just shoot the breeze. Anyone can work remotely using this Hangout. If you can't get on, please post to the OWASP G+ Community or the devGuide mail list.  Our goal is...

Timur Khrotko
owner

Repo (useful)
 
"OWASP Cornucopia is a mechanism in the form of a card game to assist software development teams identify security requirements in Agile, conventional and formal development processes. It is language, platform and technology agnostic."

Timur Khrotko
owner

Repo (useful)
 
"When new versions of libraries become available, in general I think you're better off just upgrading even if no known CVEs are patched in a new release, because developers frequently make security fixes without acknowledging them publicly at all, or by making vague comments like "and a few minor security improvements" in the release notes."
The ankle biters of the application security world