Wikibooks:Collections/Web Application Security Guide
|
This is a collection of the pages in a Wikibooks book that can be easily saved, rendered electronically, and ordered as a printed book. For information and help on Wikibooks collections, see Help:Collections.Category:Collections#Collections/Web%20Application%20Security%20Guide | ||||||||
| [ Download PDF ] [ Open in Collection Creator ] [ Order Printed Book ] | |||||||||
| [ About ] [ FAQ ] [ Feedback ] [ Help ] [ Recent Changes ] | |||||||||
- Miscellaneous points
- File inclusion and disclosure
- File upload vulnerabilities
- SQL injection
- Cross-site scripting (XSS)
- XML and internal data escaping
- (Un)trusted input
- Cross-site request forgery (CSRF)
- XML, JSON and general API security
- Clickjacking
- Insecure data transfer
- Session fixation
- Session stealing
- Truncation attacks, trimming attacks
- Password security
- Comparison issues
- PHP-specific issues
- Prefetching and Spiders
- Special filess
- SSL, TLS and HTTPS basics