Web Security

in 15 minutes

Ben Charlton

University of Kent

OWASP Top 10

Cross Site Scripting (XSS)

Injection Flaws

Injection

Source: XKCD

Malicious File Execution

Insecure Direct Object Reference

Cross Site Request Forgery

Information Leakage

Broken Authentication

Insecure Cryptographic Storage

Insecure Communications

Failure to Restrict URL Access

Learning More

  • OWASP: http://splashurl.net/aeK
  • Foundstone WebSec 101: http://splashurl.net/aeM