OWASP Top 10 - A4 Insecure Direct Object References
Description The application exposes a direct reference (functional identifier, database key, file path…) to a resource. Thanks to that direct reference, an attacker can guess other »
OWASP Top 10 - A3 Cross Site Scripting (XSS)
Description Cross-Site Scripting is a specific consequence of an injection attack. The goal is to make a web browser execute arbitrary scripting code (Javascript, ActionScript, ActiveX… »
Nouveau flux RSS Blog Ippon
Notre flux RSS a changé… pour ne rater aucun article des experts Ippon, vous pouvez mettre à jour votre lecteur RSS avec l’adressehttp://blog.ippon. »
OWASP Top 10 - A2 Broken Authentication and Session Management
Description The attacker steals his victim’s credentials or any information that will help him impersonating the victim on your application. Examples Client attack To authenticate »
OWASP Top 10 - A1 Injection
Description The attacker sends untrusted data that will be injected in the targeted application to change its behaviour. The goal of this attack is usually to »