Episode 14 – OWASP Top 10 2017 – A6 Through A10
Purple Squad Security
English - December 10, 2017 13:15 - 39 minutes - 1 Byte - ★★★★★ - 20 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
In the completion of our look at the OWASP Top 10 for 2017, this episode will cover the final 5 items on the list, from A6 (Security Misconfiguration) through A10 (Insufficient Logging & Monitoring). Some links of interest:
OWASP Top 10 - https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
OWASP XSS Filter Evasion Cheat Sheet - https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
OWASP XSS Prevention Cheat Sheet - https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
OWASP DOM-based XSS Prevention Cheat Sheet - https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet
Bypass WAF with DOM-based XSS - https://www.sunnyhoi.com/using-dom-based-xss-bypass-waf/
Want to reach out to the show? There's a few ways to get in touch!
Show's Twitter: @PurpleSquadSec
John's Twitter: @JohnsNotHere
Podcast Website: purplesquadsec.com
Sign-Up for our Slack community: https://signup.purplesquadsec.com
John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic
Thanks for listening, and I will talk with you all again next time.
Find out more at http://purplesquadsec.com