[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 23 Jul 2007 13:21:25 -0400 (EDT)
From: bugtraq@...security.net
To: codeshepherd@...il.com (Deeþàn Chakravarthÿ)
Cc: full-disclosure@...ts.grok.org.uk, websecurity@...appsec.org
Subject: Re: Am I missing anything ?
I would advise checking out the Threat Classification by The Web Application Security Consortium
at http://www.webappsec.org/projects/threat/.
Version 2 is in the works and should be out in a month or so with MANY updates.
- Robert
>
> Hi All,
> Just wondered if I am missing anything important. Am planning to give
> talk on web security.
> Is there any other technique other than the following I have to speak
> about ?
>
> 1)XSS
> 2)CSRF
> 3)SQL Injection
> 4)AJAX/JSON hijacking
> 5)HTTP response splitting
> 6)RFI
> 7)CRLF
> 8)MITM
>
> Thanks
> Deepan
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists