Penetration Testing mailing list archives
Re: WS Security
From: "Leonardo Cavallari Militelli" <leonardocavallari () gmail com>
Date: Tue, 16 Dec 2008 10:42:26 -0200
This could help too: http://www.owasp.org/images/d/d0/Web_Services_Hacking_and_Hardening.pdf Best, Leo Cavallari OWASP ASDR Project Leader On Mon, Dec 15, 2008 at 6:55 PM, Jan Muenther <jan.muenther () nruns com> wrote:
If any of you has pointers to some documents that systematically point out all the risks and alternative ways to mitigate them it would help me a lot.Have you read Brad Hill's stuff on the topic? http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf http://seattle.toorcon.org/2007/talks/bradhill.ppt Cheers, Jan -- Jan Muenther, CTO Security, n.runs AG ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- WS Security auto176251 (Dec 15)
- <Possible follow-ups>
- Re: WS Security Jan Muenther (Dec 15)
- Re: WS Security Leonardo Cavallari Militelli (Dec 16)
- Re: WS Security anj (Dec 16)
- Re: WS Security auto176251 (Dec 18)