[Hack]in(sight) Vol.2 No.15
The OWASP Top Ten is a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.
We urge all companies to adopt this awareness document within their organization and start the process of ensuring that their web applications do not contain these flaws. Adopting the OWASP Top Ten is perhaps the most effective first step towards changing the software development culture within your organization into one that produces secure code.
Page 5: Website Rooting: Advanced SQL Injection Tutorial
In this tutorial we will be rooting a vulnerable web server using Mantra Security Toolkit.
Page 47: The Mobile Top Ten
The Mobile Top Ten 2015 list follows a similar approach of collecting data and grouping it in logical and consistent ways.
Page 97: Automated Security Testing of web applications using OWASP Zed Attack Proxy
Penetration testing web applications is not an easy task, whether you are a Java, PHP, Ruby or C# developer. Development teams often use web frameworks to build their applications and rely on built-in security features without understanding possible attack scenarios. Other times, developers rely on the operations team when it comes to securing the web application.
Page 109: OWASP Security Shepherd
The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen their penetration testing skillset to security expert status.
Page 118: OWASP ZeroDay Cyber Research Shellcoder
OWASP ZeroDay Cyber Research Shellcoder [Generator] is open source software written in Python that lets you generate customized shellcodes for the listed operating systems. This software can be run on Linux under Python 2.7.x.
The unique cover design was created by Mr. Jim Steele from www.cyexdesign.com.
Enjoy the hacking!
Hack Insight Team