HP Fortify Presentation

2011-06-15  张林 

HP Fortify Presentation
Fortify Taxonomy: Software Security Errors
http://fortify.com/vulncat/
The Open Web Application Security Project (OWASP)

http://www.owasp.org/
http://code.google.com/p/webgoat/
WebGoat is a deliberately insecure J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson

http://cwe.mitre.org/index.html

http://webstretch.sourceforge.net/

http://www.oschina.net/p/vega

http://www.oschina.net/p/watobo

http://www.80sec.com/

http://netsecurity.51cto.com/

http://www.80sec.com/pst-webzine
462°/4600 人阅读/2 条评论 发表评论

苗志伟  2011-06-15

We can sett up a WebGoat Environment to improve more about defensive coding or testing consciousness. Is that what you're saying?


张林  2011-06-16

no, only fyi for security testing.


登录 后发表评论