| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Jul 2007 13:21:25 -0400 (EDT) From: bugtraq@...security.net To: codeshepherd@...il.com (Deeþàn Chakravarthÿ) Cc: full-disclosure@...ts.grok.org.uk, websecurity@...appsec.org Subject: Re: Am I missing anything ? I would advise checking out the Threat Classification by The Web Application Security Consortium at http://www.webappsec.org/projects/threat/. Version 2 is in the works and should be out in a month or so with MANY updates. - Robert > > Hi All, > Just wondered if I am missing anything important. Am planning to give > talk on web security. > Is there any other technique other than the following I have to speak > about ? > > 1)XSS > 2)CSRF > 3)SQL Injection > 4)AJAX/JSON hijacking > 5)HTTP response splitting > 6)RFI > 7)CRLF > 8)MITM > > Thanks > Deepan > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists