WebAppSec 101: OWASP Top 10 and WebGoat. Kyle OWASP UCI Chapter Lead 5/17/2010. Quick OWASP Background. Open Web Application Security Project OC chapter lead by Neil Matatall, original creator of this presentation Upcoming conference on Tue, Sept 7th AppSec US 2010 @ UCI.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
OWASP UCI Chapter Lead
From OWASP Top 10: The Ten Most Critical Web Application Security Vulnerabilities
Stored XSS Attack
“A CSRF attack forces a logged-on victim's browser to send a pre-authenticated request to a vulnerable web application, which then forces the victim's browser to perform a hostile action to the benefit of the attacker. CSRF can be as powerful as the web application that it attacks.
Spoofing an Authentication Cookie