Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WS Security

From: "Leonardo Cavallari Militelli" <leonardocavallari () gmail com>
Date: Tue, 16 Dec 2008 10:42:26 -0200
This could help too:
http://www.owasp.org/images/d/d0/Web_Services_Hacking_and_Hardening.pdf

Best,
Leo Cavallari
OWASP ASDR Project Leader

On Mon, Dec 15, 2008 at 6:55 PM, Jan Muenther <jan.muenther () nruns com> wrote:



If any of you has pointers to some documents that systematically
point out all the risks and alternative ways to mitigate them it
would help me a lot.


Have you read Brad Hill's stuff on the topic?
http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf
http://seattle.toorcon.org/2007/talks/bradhill.ppt

Cheers,
Jan

--
Jan Muenther, CTO Security, n.runs AG


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: