科技回声

mikeodds超过 4 年前

Appsec person here with a potentially unpopular opinion.<p>I find OWASP guidance generally lags behind latest research by at least a couple of years.<p>All too commonly the projects seem like CV padding pieces that get abandoned and not updated (I re-iterate, not all OWASP projects, just a lot of them).<p>If you are developer who wants to learn more about appsec, I’d recommend checking out pentesterlab.com and working through the exercises there.

评论 #26147276 未加载

评论 #26143095 未加载

评论 #26146385 未加载

评论 #26147790 未加载

评论 #26145342 未加载

评论 #26153426 未加载

评论 #26145622 未加载

评论 #26142911 未加载

评论 #26145910 未加载

评论 #26145639 未加载

评论 #26142923 未加载

weagle05超过 4 年前

The cheat sheet series is the best project at OWASP. I use them almost weekly when I reference vulnerabilities for developers. It's one of the main reasons I have a membership. If you feel the guidance is starting to get stale, take a few minutes to make an update and submit a pull request. I'm sure it will be appreciated.

enz超过 4 年前

This is gold. Thanks for sharing.

OWASP Cheat Sheet Series

3 条评论

OWASP Cheat Sheet Series

3 条评论