http://farm4.static.flickr.com/3411/3251415324_242d45c681.jpg *[http://deesec.com/ My new security blog @ http://deesec.com/]* *NEW* [http://code.google.com/p/proxystrike/wiki/PluginsHowto Plugins Howto] *ProxyStrike v2.1* is an active Web Application Proxy. It's a tool designed to find vu...

The Classic ASP platform does not include any validation features by default. This leaves many organizations to craft their own validation mechanisms, often incomplete, flawed, and inefficient. The basic idea is to define validation rules for the headers, cookies, and parameters of an HTTP request. ...

The purpose of the ESAPI is to provide a simple interface that provides all the security functions a developer is likely to need in a clear, consistent, and easy to use way. The ESAPI architecture is very simple, just a collection of classes that encapsulate the key security operations most applicat...

http://webgoat.googlecode.com/svn/trunk/webgoat/src/main/webapp/images/header/header.jpg =Overview= *WebGoat* is a deliberately insecure J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploi...

<strong>OWASP ESAPI for Java: Strong, Simple Security Controls for Java Developers</strong> Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OW...

*OWASP ESAPI for PHP: Strong, Simple Security Controls for PHP Developers* Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Sec...

The purpose of the ESAPI is to provide a simple interface that provides all the security functions a developer is likely to need in a clear, consistent, and easy to use way. The ESAPI architecture is very simple, just a collection of classes that encapsulate the key security operations most applicat...

The xssinterface javascript library enables communication of multiple pages (or pages and iframes) via javascript functions across domain boundaries. This may be useful for websites that want to expose a limited javascript interface to embedded widgets. xssinterface is _not_ a library to perform ...

The purpose of the .NET ESAPI is to provide a simple interface that provides all the ordinary security functions a developer is likely to need in a clear, consistent, and easy to use way. The .NET ESAPI architecture is very simple, just a collection of classes that encapsulate the key security op...

The ESAPI Swingset is a web application which demonstrates the many uses of the Enterprise Security API (ESAPI)