Security


Comprehensive list of Threats to Authentication Procedures and Data

http://chrisdrake.com/Comprehensive_list_of_Threats_to_Authentication_Procedures_and_Data.html

Background: There is a bewildering array of tricks, techniques, and technologies that exist to steal passwords, attack password systems, and circumvent authentication security.

The List: Here is the list: 1. Confidence Tricks

http://www.w3.org/TR/2002/REC-P3P-20020416/

The Platform for Privacy Preferences 1.0 (P3P1.0) Specification

W3C Recommendation 16 April 2002
This Version: http://www.w3.org/TR/2002/REC-P3P-20020416/
Latest Version: http://www.w3.org/TR/P3P/

When a user makes selections on an HTML page, the selection is typically stored as form field values and sent to the application as an HTTP request (GET or POST). HTML can also store field values as Hidden Fields, which are not rendered to the screen by the browser but are collected and submitted as parameters during form submissions. Whether these form fields are pre-selected (drop down, check boxes etc.), free form or hidden, they can all be manipulated by the user to submit whatever values he/she chooses.

Parameter Manipulation

http://www.cgisecurity.com/owasp/html/ch11s04.html

XSS (Cross Site Scripting) Cheat Sheet

This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.

https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet