security

Alle Einträge mit dem Tag "security"

Wednesday, 6. July 2011

Portable PHP password hashing ("password encryption") framework

This is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above, and it has actually been tested with at least PHP 3.0.18 through 5.3.0 so far.

Shortlist | development, md5, password, php, programming, security, webdev | Kommentare (0)

Tuesday, 19. April 2011

XSS (Cross Site Scripting) Prevention Cheat Sheet

Shortlist | javascript, scripting, security, via:zite, xss | Kommentare (0)

Wednesday, 28. July 2010

Inspekt – An Input Filtering and Validation Library for PHP

Inspekt is a PHP library that makes it easier to write secure web applications 
 
Inspekt acts as a firewall API between user input and the rest of the application. It takes PHP superglobal arrays, encapsulates their data in an "cage" object, and destroys the original superglobal. Data can then be retrieved from the input data object using a variety of accessor methods that apply filtering, or the data can be checked against validation methods. Raw data can only be accessed via a 'getRaw()' method, forcing the developer to show clear intent. 
 
Inspekt can also be used on arbitrary arrays, and provides static filtering and validation methods. 
 
Inspekt works in PHP5, and has no external dependencies.

Shortlist | filter, library, php, php5, security, validation, webdev | Kommentare (0)

Thursday, 4. March 2010

heise Security – 14.01.10 – SSL für lau

Der eigene Webserver mit einem SSL-Zertifikat, das von einer zugelassenen Certificate Authority ausgestellt wurde und somit im Browser auch keine Warnmeldung verursacht, das böte schon seine Vorteile. Doch allein die Preise für ein Zertifikat von Verisign&Co lassen solche Gedankenspiele meist schnell wieder enden. Der israelische Anbieter StartSSL bietet jedoch kostenlose SSL-Serverzertifikate an, die immerhin ein Jahr gültig sind.

Shortlist | admin, apache, certificate, free, howto, https, internet, linux, security, server, ssl | Kommentare (0)

Tuesday, 2. February 2010

Category:OWASP Enterprise Security API – OWASP

OWASP Enterprise Security API Toolkits help software developers guard against security-related design and implementation flaws. Our motto is NO GUTS NO GLORY!

Shortlist | development, owasp, php, security, software | Kommentare (0)

Tuesday, 26. January 2010

Glastopf Web Interface v1.6

It helps us to distinguish RFI attacks targeting different hosts. And it provides a basic protection for your Website against RFI attacks.
Potentially harmful traffic is diverted to a special honeypot system.
Results from the analysis will be reported to the hosting company from which the attack where originated.

Shortlist | honeypot, htaccess, security, spam | Kommentare (0)

security

Portable PHP password hashing ("password encryption") framework

XSS (Cross Site Scripting) Prevention Cheat Sheet

Inspekt – An Input Filtering and Validation Library for PHP

heise Security – 14.01.10 – SSL für lau

Category:OWASP Enterprise Security API – OWASP

Glastopf Web Interface v1.6

Seiten

Kategorien

Tags

Last.fm