Adding authentication in ZAP tool to attack a URL

Quite old question but here it goes. The simplest way to do this is setting your browser to proxy through ZAP. On Firefox you can go to: Options -> Advanced -> Network -> Settings. Select Manual Proxy Configuration and fill the HTTP Host with the address of the machine running ZAP (most probably localhost) … Read more

CSRF, XSS and SQL Injection attack prevention in JSF

XSS JSF is designed to have builtin XSS prevention. You can safely redisplay all user-controlled input (request headers (including cookies!), request parameters (also the ones which are saved in DB!) and request bodies (uploaded text files, etc)) using any JSF component. `<h:outputText value="#{user.name}" />` `<h:outputText value="#{user.name}" escape="true" />` `<h:inputText value="#{user.name}" />` etc… Note that when … Read more

PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly?

That's probably everyone's first thought. But it's a little bit more difficult. See Chris Shiflett's article SERVER_NAME Versus HTTP_HOST. It seems that there is no silver bullet. Only when you force Apache to use the canonical name will you always get the right server name with SERVER_NAME. So you either go with that or you … Read more

What is “X-Content-Type-Options=nosniff”?

It prevents the browser from doing MIME-type sniffing. Most browsers are now respecting this header, including Chrome/Chromium, Edge, IE >= 8.0, Firefox >= 50 and Opera >= 13. See: https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx?Redirected=true Sending the new X-Content-Type-Options response header with the value nosniff will prevent Internet Explorer from MIME-sniffing a response away from the declared content-type. EDIT: … Read more