Main web system vulnerabilities and protection methods

