Starting: Sat Jan 05 2002 - 19:24:10 CST
Ending: Mon Apr 01 2002 - 19:15:00 CST

• %uxxxx Windows Encoding
  • zeno (Wed Feb 20 2002 - 09:21:16 CST)
• (forw) NEW Draft Publication added to CSRC
  • aleph1securityfocus.com (Sat Mar 02 2002 - 03:19:42 CST)
• .NET and J2EE security white paper
  • The Owasp Project (Thu Feb 14 2002 - 08:25:08 CST)
• .NET Vote Rigging ?
  • bacano (Thu Jan 10 2002 - 03:59:29 CST)
  • James Fleming (Wed Jan 09 2002 - 11:55:47 CST)
• [Knowledge shared ]
  • Chip Andrews (Thu Jan 31 2002 - 11:49:20 CST)
• Admin test for bad mail addresses - please ignore
  • Mark Curphey (Sun Mar 10 2002 - 23:45:25 CST)
• Appropriate Posts to the list
  • Mark Curphey (Sat Jan 12 2002 - 17:32:38 CST)
• ASAC Canonicalization Unicode
  • Mark Curphey (Tue Jan 08 2002 - 09:37:12 CST)
• Attackers Perspective...
  • Edison Rivadeneira (Wed Mar 13 2002 - 17:05:03 CST)
  • denebunixwave.org (Mon Mar 04 2002 - 16:45:42 CST)
  • Nik Cubrilovic (Mon Mar 04 2002 - 09:24:42 CST)
  • webappsec (Wed Feb 13 2002 - 15:57:53 CST)
  • dendleridefense.com (Mon Feb 11 2002 - 15:07:14 CST)
  • dendleridefense.com (Mon Feb 11 2002 - 15:01:57 CST)
  • Gregory Steuck (Mon Feb 11 2002 - 14:00:49 CST)
  • Johnson, Michael1 [IT] (Mon Feb 11 2002 - 13:33:54 CST)
  • Gabriel Lawrence (Mon Feb 11 2002 - 12:52:59 CST)
• Black Box vs White Box Testing
  • vertigo (Tue Jan 22 2002 - 19:12:51 CST)
  • Nathan Catlow (Wed Jan 16 2002 - 13:33:43 CST)
  • zeno (Wed Jan 16 2002 - 11:44:27 CST)
  • James Fleming (Wed Jan 16 2002 - 11:29:22 CST)
  • Nelson Sampaio Araujo Junior (Wed Jan 16 2002 - 10:19:52 CST)
  • James Fleming (Wed Jan 16 2002 - 11:21:07 CST)
  • James Fleming (Wed Jan 16 2002 - 11:19:33 CST)
  • James Fleming (Wed Jan 16 2002 - 11:17:55 CST)
  • c c (Wed Jan 16 2002 - 06:17:01 CST)
  • Nelson Sampaio Araujo Junior (Wed Jan 16 2002 - 06:14:11 CST)
  • Nathan Catlow (Wed Jan 16 2002 - 04:08:29 CST)
  • Jeremiah Grossman (Tue Jan 15 2002 - 16:48:13 CST)
  • The Owasp Project (Tue Jan 15 2002 - 16:15:53 CST)
  • Jeremiah Grossman (Tue Jan 15 2002 - 13:09:17 CST)
  • derek (Tue Jan 15 2002 - 13:10:13 CST)
  • Nelson Sampaio Araujo Junior (Tue Jan 15 2002 - 10:34:37 CST)
  • Slow2Show (Tue Jan 15 2002 - 09:44:46 CST)
  • auto125268hushmail.com (Tue Jan 15 2002 - 01:48:17 CST)
  • The Owasp Project (Tue Jan 15 2002 - 00:44:24 CST)
• Black Box vs White Box Testing)
  • Fernando Martins (Thu Jan 17 2002 - 15:29:36 CST)
• Building web administration application
  • Kurt Seifried (Fri Feb 08 2002 - 12:19:55 CST)
  • HarryM (Fri Feb 08 2002 - 09:15:01 CST)
  • Reed Law (Fri Feb 08 2002 - 08:49:13 CST)
  • HarryM (Fri Feb 08 2002 - 03:40:38 CST)
  • reedstatoids.com (Thu Feb 07 2002 - 21:32:36 CST)
• canonicalization/sanitization sequence (incl. Unicode normalization)
  • The Picard (Wed Feb 06 2002 - 23:58:39 CST)
• Cgisecurity.com Paper #5: Fingerprinting Port 80 Attacks: A look into web server, and web application attack signatures: Part Two.
  • zeno (Tue Mar 05 2002 - 17:14:59 CST)
• Change window name (WAS: How to test for Cross Site Scripting)
  • Security Coordinator (Sat Feb 02 2002 - 12:39:08 CST)
  • Gunther Konig (Sat Feb 02 2002 - 02:04:18 CST)
  • Security Coordinator (Fri Feb 01 2002 - 09:26:03 CST)
  • Gunther Konig (Fri Feb 01 2002 - 00:47:38 CST)
• Character questions
  • zeno (Fri Feb 08 2002 - 08:24:23 CST)
• Child Threads to kill session cookies ?
  • Gabriel Lawrence (Thu Feb 07 2002 - 13:57:41 CST)
  • James Fleming (Thu Feb 07 2002 - 11:50:30 CST)
• Clever Content?
  • RSnake (Mon Jan 14 2002 - 10:31:21 CST)
  • Wayne Huang (Mon Jan 14 2002 - 13:58:02 CST)
  • Andersen, Thomas Bjoern (Mon Jan 14 2002 - 05:40:17 CST)
• comeback on attack trees: XML and Graphviz
  • Razvan Peteanu (Sat Mar 30 2002 - 21:02:40 CST)
• Cross-site scripting in file uploads
  • Security Coordinator (Thu Mar 07 2002 - 08:49:49 CST)
  • Laurian Gridinoc (Wed Mar 06 2002 - 16:36:15 CST)
  • Gabriel Lawrence (Wed Mar 06 2002 - 16:37:07 CST)
  • zeno (Wed Mar 06 2002 - 14:09:49 CST)
  • Menashe Eliezer (Wed Mar 06 2002 - 14:39:54 CST)
  • Nik Cubrilovic (Wed Mar 06 2002 - 12:36:04 CST)
• CSS and PHP question
  • Sverre H. Huseby (Thu Mar 14 2002 - 01:57:16 CST)
  • denebunixwave.org (Tue Mar 12 2002 - 18:30:11 CST)
  • josh smith (Tue Mar 12 2002 - 10:16:22 CST)
  • Slow2Show (Mon Mar 11 2002 - 21:24:41 CST)
  • denebunixwave.org (Mon Mar 11 2002 - 16:43:19 CST)
  • HarryM (Mon Mar 11 2002 - 14:49:55 CST)
  • Dominik Birk (Mon Mar 11 2002 - 11:06:35 CST)
  • Steve Sobol (Mon Mar 11 2002 - 10:25:18 CST)
  • Nik Cubrilovic (Mon Mar 11 2002 - 10:17:59 CST)
  • Steve Sobol (Mon Mar 11 2002 - 08:47:31 CST)
• CSS Discovery tool?
  • Mark Curphey (Sun Feb 10 2002 - 13:17:58 CST)
  • Arta (Sun Feb 10 2002 - 12:51:48 CST)
• CSS vs. XSS (was CSS visited pages disclosure)
  • Slow2Show (Wed Feb 20 2002 - 14:00:21 CST)
• Detecting if SecureIIS from Eeye is installed
  • Sacha Faust (Wed Jan 23 2002 - 16:09:25 CST)
• Developerstore.com expose critical customer info
  • Mark Curphey (Sun Jan 13 2002 - 19:55:22 CST)
  • shawn merdinger (Sun Jan 13 2002 - 19:40:18 CST)
  • c c (Thu Jan 10 2002 - 09:30:57 CST)
• dllhost.exe taking up all CPU time on webserver
  • Erwin Geirnaert (Thu Mar 14 2002 - 02:11:03 CST)
  • Noam Eppel (Tue Mar 12 2002 - 09:51:09 CST)
  • Rubé (Tue Mar 12 2002 - 09:30:22 CST)
  • Ben Darlow (Tue Mar 12 2002 - 04:13:41 CST)
• embedded webservers
  • zeno (Thu Jan 24 2002 - 09:33:08 CST)
  • Fernando Martins (Thu Jan 24 2002 - 07:46:09 CST)
• Error Codes
  • zeno (Fri Jan 18 2002 - 11:49:55 CST)
• Extended HTML form attack
  • obscure (Thu Feb 07 2002 - 12:46:53 CST)
• ezmlm warning
  • webappsec-helpsecurityfocus.com (Tue Feb 19 2002 - 17:47:33 CST)
• Full disclosure opponent discloses *full details* of significant privacy problem
  • Richard M. Smith (Wed Jan 16 2002 - 12:14:56 CST)
  • Dave Vehrs (Wed Jan 16 2002 - 11:59:21 CST)
• Fwd: CSS visited pages disclosure
  • Mark Curphey (Wed Feb 20 2002 - 11:12:44 CST)
• Fwd: Full disclosure opponent discloses *full details* of significant privacy problem
  • Mark Curphey (Wed Jan 16 2002 - 11:13:42 CST)
• Fwd: New SQL Injection Whitepaper
  • Mark Curphey (Thu Jan 31 2002 - 15:48:04 CST)
• FWD: OWASP Testing
  • The Owasp Project (Wed Jan 30 2002 - 11:34:37 CST)
• Generate shared key
  • Mike Cahn (Thu Mar 28 2002 - 00:59:13 CST)
  • Mike Cahn (Thu Mar 28 2002 - 00:52:46 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Wed Mar 27 2002 - 07:05:21 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Wed Mar 27 2002 - 06:45:35 CST)
  • foobreturn0.net (Tue Mar 26 2002 - 13:22:46 CST)
  • Mike Cahn (Tue Mar 26 2002 - 11:10:02 CST)
• Header paper/Web Stats software
  • zeno (Thu Jan 17 2002 - 14:25:25 CST)
  • Tony Welsh (Thu Jan 17 2002 - 14:14:18 CST)
  • time2-media.co.nz (Wed Jan 16 2002 - 21:51:15 CST)
  • zeno (Wed Jan 16 2002 - 10:06:08 CST)
• How to test for Cross Site Scripting
  • Bill Pennington (Thu Jan 31 2002 - 12:50:15 CST)
  • zeno (Thu Jan 31 2002 - 11:55:25 CST)
  • M. Burnett (Thu Jan 31 2002 - 11:16:30 CST)
  • Security Coordinator (Wed Jan 30 2002 - 12:38:01 CST)
  • Bill Pennington (Wed Jan 30 2002 - 12:01:28 CST)
  • Shields, Larry (Wed Jan 30 2002 - 09:40:41 CST)
  • Sverre H. Huseby (Wed Jan 30 2002 - 03:30:39 CST)
  • James Fleming (Tue Jan 29 2002 - 20:48:38 CST)
  • Bill Pennington (Tue Jan 29 2002 - 19:15:57 CST)
  • James Fleming (Tue Jan 29 2002 - 12:04:34 CST)
  • Shields, Larry (Tue Jan 29 2002 - 06:52:07 CST)
  • Sverre H. Huseby (Tue Jan 29 2002 - 02:07:40 CST)
  • dzzieyahoo.com (Mon Jan 28 2002 - 14:27:04 CST)
  • James Fleming (Mon Jan 28 2002 - 11:02:31 CST)
  • Shields, Larry (Mon Jan 28 2002 - 10:31:51 CST)
  • James Fleming (Mon Jan 28 2002 - 09:24:22 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Mon Jan 28 2002 - 01:09:11 CST)
  • The Owasp Project (Mon Jan 28 2002 - 00:39:14 CST)
• Http state management for authentication
  • Scott, Richard (Thu Mar 07 2002 - 09:14:11 CST)
  • Security Coordinator (Thu Mar 07 2002 - 08:42:51 CST)
  • r s (Wed Mar 06 2002 - 13:55:10 CST)
• iBuySpy store hole
  • Mark Curphey (Sun Mar 03 2002 - 14:48:49 CST)
• IDS and SSL
  • Jason Lewis (Thu Mar 21 2002 - 14:17:26 CST)
  • Jason Brvenik (Thu Mar 21 2002 - 10:02:25 CST)
  • pgiacomi (Thu Mar 21 2002 - 06:47:05 CST)
  • Gabriel Lawrence (Wed Mar 20 2002 - 11:29:43 CST)
  • zeno (Wed Mar 20 2002 - 09:30:46 CST)
  • Oliver Petruzel (Tue Mar 19 2002 - 22:30:58 CST)
  • Gabriel Lawrence (Tue Mar 19 2002 - 22:06:17 CST)
  • Oliver Petruzel (Tue Mar 19 2002 - 18:54:33 CST)
  • zeno (Tue Mar 19 2002 - 12:09:19 CST)
• Image question
  • zeno (Wed Jan 09 2002 - 10:49:52 CST)
  • Brass, Phil (ISS Atlanta) (Wed Jan 09 2002 - 10:49:05 CST)
  • zeno (Wed Jan 09 2002 - 09:06:56 CST)
• Input Filters
  • Security Coordinator (Wed Mar 06 2002 - 10:38:54 CST)
  • Andrew Jaquith (Tue Mar 05 2002 - 23:21:28 CST)
• Interoperable Crypto......
  • Ken (Fri Mar 29 2002 - 16:17:30 CST)
  • Gabriel Lawrence (Fri Mar 29 2002 - 11:25:43 CST)
  • r s (Fri Mar 29 2002 - 09:30:02 CST)
• Java App Server Security Config Guides ?
  • Razvan Peteanu (Wed Mar 06 2002 - 22:03:34 CST)
  • Mark Curphey (Tue Mar 05 2002 - 22:16:33 CST)
• Java Servlet 2.3 API - Security Filters
  • James Fleming (Tue Jan 29 2002 - 14:58:27 CST)
  • Gregory Steuck (Tue Jan 29 2002 - 15:35:50 CST)
• JSP include misuse (was: Advisory #3 - PHP & JSP)
  • The Owasp Project (Wed Feb 13 2002 - 18:36:22 CST)
  • Gregory Steuck (Wed Feb 13 2002 - 11:48:47 CST)
• Knowledge shared
  • Brett Moore (Thu Jan 31 2002 - 05:44:27 CST)
• License Thread Dead
  • Mark Curphey (Thu Jan 17 2002 - 21:33:59 CST)
• List Moderation and Administrivia
  • Mark Curphey (Wed Feb 20 2002 - 00:58:36 CST)
• Mangle as requested.
  • Dawes, Rogan (ZA - Johannesburg) (Fri Feb 15 2002 - 00:13:20 CST)
• Metis 1.2 released
  • Sacha Faust (Thu Feb 28 2002 - 23:30:47 CST)
• MS-SQL Insertion
  • Dave Aitel (Fri Jan 11 2002 - 19:08:39 CST)
  • Bill Pennington (Fri Jan 11 2002 - 19:01:21 CST)
• New Article On Future of Web Application Worms
  • zeno (Tue Mar 12 2002 - 15:04:28 CST)
• New OWASP Project - Input Filters
  • Security Coordinator (Tue Mar 12 2002 - 09:37:57 CST)
  • Noam Ben-Yochanan (Sun Mar 10 2002 - 10:10:36 CST)
  • Noam Ben-Yochanan (Thu Mar 07 2002 - 00:42:55 CST)
  • Security Coordinator (Thu Mar 07 2002 - 08:14:38 CST)
  • Security Coordinator (Wed Mar 06 2002 - 10:32:07 CST)
  • Glenn and Mary Everhart (Tue Mar 05 2002 - 18:11:30 CST)
  • Security Coordinator (Tue Mar 05 2002 - 09:45:30 CST)
  • Nancy Gabriel (Mon Mar 04 2002 - 18:18:48 CST)
  • Gabriel Lawrence (Mon Mar 04 2002 - 15:19:18 CST)
  • Michael Howard (Mon Mar 04 2002 - 10:16:40 CST)
  • Mark Curphey (Fri Mar 01 2002 - 17:00:16 CST)
• New Tool: WhiteHat Arsenal 1.02 Beta
  • Elan Hasson (Wed Feb 20 2002 - 00:39:15 CST)
  • required fun (Tue Feb 19 2002 - 23:23:43 CST)
  • WhiteHat Security, Inc. (Sun Feb 17 2002 - 15:02:14 CST)
• New Web Authentication Security Auditing Tool
  • Dave Aitel (Tue Feb 19 2002 - 09:00:47 CST)
  • Gonzalo Álvarez Marañón (Tue Feb 19 2002 - 04:45:54 CST)
• New Whitepaper - Just Ask the Axis
  • Mark Curphey (Fri Mar 08 2002 - 22:47:17 CST)
• Nikto web scanner - release
  • sq (Fri Jan 11 2002 - 09:06:56 CST)
• NIST Guide to Network Security Testing
  • Mark Curphey (Tue Feb 05 2002 - 12:16:05 CST)
• One time cookie (was: OWASP How to test cookie manipulation)
  • Lincoln Yeoh (Wed Feb 13 2002 - 11:02:22 CST)
  • Security Coordinator (Wed Feb 13 2002 - 07:42:42 CST)
  • Gabriel Lawrence (Tue Feb 12 2002 - 17:03:06 CST)
  • Security Coordinator (Tue Feb 12 2002 - 16:46:17 CST)
  • Security Coordinator (Tue Feb 12 2002 - 16:34:23 CST)
  • Gabriel Lawrence (Tue Feb 12 2002 - 10:58:38 CST)
  • Marc Slemko (Tue Feb 12 2002 - 10:41:41 CST)
  • Security Coordinator (Tue Feb 12 2002 - 08:31:20 CST)
  • Tom McAdam (Tue Feb 12 2002 - 09:00:43 CST)
  • John Percival (Tue Feb 12 2002 - 06:31:28 CST)
  • Tom McAdam (Tue Feb 12 2002 - 04:14:19 CST)
  • Security Coordinator (Mon Feb 11 2002 - 16:52:31 CST)
  • Security Coordinator (Mon Feb 11 2002 - 08:52:23 CST)
  • derek (Mon Feb 11 2002 - 08:30:41 CST)
  • Filipe Almeida (Sun Feb 10 2002 - 14:16:38 CST)
  • John Percival (Sun Feb 10 2002 - 13:16:48 CST)
  • Allie Micka (Sun Feb 10 2002 - 10:24:21 CST)
  • John Percival (Sun Feb 10 2002 - 09:58:55 CST)
  • Gregory Steuck (Sun Feb 10 2002 - 02:49:42 CST)
• open source idea for OWASP or anybody
  • James Fleming (Fri Feb 08 2002 - 13:12:54 CST)
  • Security Coordinator (Fri Feb 08 2002 - 11:55:47 CST)
  • Slow2Show (Fri Feb 08 2002 - 01:47:18 CST)
• OWASP : What to test ?
  • Warchild (Mon Jan 21 2002 - 21:04:39 CST)
  • Mark Curphey (Mon Jan 21 2002 - 20:25:08 CST)
  • Nik (Mon Jan 21 2002 - 09:41:08 CST)
  • Bruce.Morrisernstyoung.com.au (Sun Jan 20 2002 - 16:21:05 CST)
  • James Fleming (Fri Jan 11 2002 - 16:49:05 CST)
  • zeno (Fri Jan 11 2002 - 13:03:08 CST)
  • Mark Curphey (Fri Jan 11 2002 - 13:04:22 CST)
• Owasp addition?
  • Mark Curphey (Fri Mar 29 2002 - 17:23:35 CST)
  • zeno (Fri Mar 29 2002 - 13:30:10 CST)
• OWASP Application Security Attack Component Updates
  • Kevin Jeong (Tue Jan 08 2002 - 01:47:27 CST)
• OWASP ASAC - Canonicalization with Unicode
  • TAKAGI, Hiromitsu (Thu Feb 07 2002 - 17:16:22 CST)
  • TAKAGI, Hiromitsu (Thu Feb 07 2002 - 15:35:44 CST)
  • Michael Howard (Mon Feb 04 2002 - 12:40:53 CST)
  • The Picard (Sun Feb 03 2002 - 19:05:34 CST)
  • Amit Klein (Sun Feb 03 2002 - 08:49:50 CST)
  • Security Coordinator (Sat Feb 02 2002 - 12:33:45 CST)
  • Michael Howard (Fri Feb 01 2002 - 18:01:08 CST)
  • Brett Moore (Fri Feb 01 2002 - 17:45:37 CST)
  • Brett Moore (Fri Feb 01 2002 - 17:41:25 CST)
  • Sverre H. Huseby (Fri Feb 01 2002 - 17:36:59 CST)
  • Michael Howard (Fri Feb 01 2002 - 17:30:04 CST)
  • Sverre H. Huseby (Fri Feb 01 2002 - 17:28:09 CST)
  • Michael Howard (Fri Feb 01 2002 - 16:59:47 CST)
  • Michael Howard (Fri Feb 01 2002 - 16:55:12 CST)
  • Brett Moore (Fri Feb 01 2002 - 16:46:51 CST)
  • Michael Howard (Fri Feb 01 2002 - 15:58:51 CST)
  • The Owasp Project (Fri Feb 01 2002 - 01:09:31 CST)
• OWASP ASAC - Weak Cryptographic Algorithms
  • The Owasp Project (Fri Feb 01 2002 - 00:34:47 CST)
• OWASP ASAC Cryptographic Key Space
  • The Owasp Project (Fri Feb 01 2002 - 01:10:54 CST)
• OWASP ASAC Infrastructure Authentication
  • The Owasp Project (Fri Feb 01 2002 - 00:41:23 CST)
• OWASP How to test cookie manipulation
  • Nik Cubrilovic (Mon Feb 25 2002 - 08:17:23 CST)
  • Jacob Kenner (Fri Feb 15 2002 - 21:08:37 CST)
  • stephen (Tue Feb 12 2002 - 11:13:00 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Tue Feb 12 2002 - 10:42:36 CST)
  • John Percival (Fri Feb 08 2002 - 14:04:27 CST)
  • vertigo (Fri Feb 08 2002 - 13:23:25 CST)
  • Security Coordinator (Fri Feb 08 2002 - 12:00:12 CST)
  • Bill Pennington (Fri Feb 08 2002 - 11:11:37 CST)
  • John Percival (Fri Feb 08 2002 - 10:02:17 CST)
  • vertigo (Thu Feb 07 2002 - 18:26:34 CST)
  • Security Coordinator (Thu Feb 07 2002 - 16:53:12 CST)
  • Scott Askew (Thu Feb 07 2002 - 16:11:10 CST)
  • zeno (Thu Feb 07 2002 - 14:18:23 CST)
  • zeno (Thu Feb 07 2002 - 14:42:29 CST)
  • Gabriel Lawrence (Thu Feb 07 2002 - 14:50:43 CST)
  • Bill Pennington (Thu Feb 07 2002 - 11:42:47 CST)
  • Bill Pennington (Thu Feb 07 2002 - 12:57:26 CST)
  • Gabriel Lawrence (Thu Feb 07 2002 - 12:12:57 CST)
  • Security Coordinator (Thu Feb 07 2002 - 10:58:53 CST)
  • Security Coordinator (Thu Feb 07 2002 - 10:51:12 CST)
  • Gabriel Lawrence (Wed Feb 06 2002 - 22:10:58 CST)
  • Shields, Larry (Wed Feb 06 2002 - 14:09:01 CST)
  • zeno (Wed Feb 06 2002 - 13:40:33 CST)
  • Shields, Larry (Wed Feb 06 2002 - 13:51:28 CST)
  • zeno (Wed Feb 06 2002 - 14:04:18 CST)
  • The Owasp Project (Wed Feb 06 2002 - 13:15:05 CST)
  • zeno (Wed Feb 06 2002 - 11:49:43 CST)
  • The Owasp Project (Wed Feb 06 2002 - 13:06:08 CST)
  • The Owasp Project (Wed Feb 06 2002 - 13:03:12 CST)
  • zeno (Wed Feb 06 2002 - 12:12:31 CST)
  • Gabriel Lawrence (Wed Feb 06 2002 - 12:15:54 CST)
  • Gabriel Lawrence (Wed Feb 06 2002 - 10:29:35 CST)
  • vertigo (Wed Feb 06 2002 - 10:29:16 CST)
  • Security Coordinator (Wed Feb 06 2002 - 08:54:38 CST)
  • The Owasp Project (Wed Feb 06 2002 - 00:10:01 CST)
• OWASP How to test cookie manipulation [slightly off topic]
  • Gabriel Lawrence (Thu Feb 07 2002 - 12:53:39 CST)
  • Ted Simmons (Thu Feb 07 2002 - 11:28:41 CST)
  • Mike C (Thu Feb 07 2002 - 08:30:50 CST)
• OWASP How to test for ^W^Wavoid SQL Injection
  • Gregory Steuck (Mon Apr 01 2002 - 18:53:29 CST)
• OWASP How to Test for Input Buffer Overflows?
  • Tod Harter (Wed Mar 27 2002 - 11:21:50 CST)
  • Christopher Todd (Mon Mar 25 2002 - 21:19:47 CST)
  • Slow2Show (Mon Mar 25 2002 - 20:47:32 CST)
  • Panayiotis A. Thermos (Mon Mar 25 2002 - 16:29:20 CST)
  • Marc Matteo (Mon Mar 25 2002 - 15:57:53 CST)
  • Michael Howard (Mon Mar 25 2002 - 14:06:08 CST)
  • Tod Harter (Mon Mar 25 2002 - 15:43:00 CST)
  • Panayiotis A. Thermos (Mon Mar 25 2002 - 13:10:43 CST)
  • David Endler (Mon Mar 25 2002 - 12:05:03 CST)
  • Marc Matteo (Mon Mar 25 2002 - 10:48:42 CST)
  • David Endler (Mon Mar 25 2002 - 08:02:10 CST)
  • James Fleming (Sun Mar 24 2002 - 10:24:18 CST)
  • Kurt Seifried (Thu Mar 21 2002 - 21:35:32 CST)
  • Marc Matteo (Thu Mar 21 2002 - 15:46:29 CST)
  • David Endler (Thu Mar 21 2002 - 13:21:08 CST)
• OWASP How to test for SQL Injection
  • Breidenbach, Beth (Mon Apr 01 2002 - 18:02:48 CST)
  • David Endler (Mon Apr 01 2002 - 17:10:57 CST)
• OWASP January Guest Paper - HTTP Authentication
  • Daryl Martin (Mon Jan 07 2002 - 16:59:27 CST)
  • Robert Buljevic (Sun Jan 06 2002 - 07:15:38 CST)
  • Dennis Groves (Sun Jan 06 2002 - 02:42:48 CST)
  • Len_LattanziStanfordAlumni.org (Sat Jan 05 2002 - 20:04:49 CST)
  • Mark Curphey (Sat Jan 05 2002 - 19:17:35 CST)
• OWASP New WebAppSec Requirements Project
  • Mark Curphey (Mon Jan 07 2002 - 22:29:15 CST)
• OWASP open-source development project
  • Mark Curphey (Fri Feb 08 2002 - 15:58:29 CST)
  • Razvan Peteanu (Fri Feb 08 2002 - 18:57:11 CST)
  • vertigo (Fri Feb 08 2002 - 15:41:26 CST)
• OWASP Requirements to build Secure Web Applications
  • Donovan_Denisemc.com (Wed Jan 30 2002 - 12:52:20 CST)
  • Security Coordinator (Wed Jan 30 2002 - 12:28:51 CST)
  • Donovan_Denisemc.com (Wed Jan 30 2002 - 03:21:37 CST)
  • The Owasp Project (Mon Jan 28 2002 - 00:20:52 CST)
• OWASP Security Testing Framework
  • Mark Curphey (Tue Jan 08 2002 - 00:11:20 CST)
• OWASP Site back up
  • Mark Curphey (Fri Mar 01 2002 - 17:02:10 CST)
• OWASP Software Project Manager - Volunteer needed !
  • Mark Curphey (Thu Mar 07 2002 - 21:48:04 CST)
• OWASP Testing Framework Update
  • David Endler (Thu Mar 21 2002 - 12:46:28 CST)
• OWASP Update
  • The Owasp Project (Fri Feb 01 2002 - 00:28:41 CST)
• Peekabooty Thread Dead
  • Mark Curphey (Wed Mar 27 2002 - 11:17:57 CST)
• Planning a test
  • Bruce.Morrisernstyoung.com.au (Mon Jan 21 2002 - 22:17:56 CST)
  • The Owasp Project (Mon Jan 21 2002 - 21:23:02 CST)
• Preventing Buffer Overflows in Web Apps
  • Chip Andrews (Sat Jan 12 2002 - 11:00:10 CST)
  • Chip Andrews (Sat Jan 12 2002 - 08:13:56 CST)
  • Dave Aitel (Fri Jan 11 2002 - 17:48:35 CST)
  • Patrik Birgersson (Fri Jan 11 2002 - 16:33:33 CST)
  • Dave Aitel (Fri Jan 11 2002 - 17:07:39 CST)
  • James Fleming (Fri Jan 11 2002 - 14:41:21 CST)
• Preventing users to use browser "back button" to get into login area?
  • Lincoln Yeoh (Tue Feb 05 2002 - 19:49:45 CST)
  • Matt Kenigson (Tue Feb 05 2002 - 18:07:54 CST)
  • Qubit (Tue Feb 05 2002 - 17:34:36 CST)
  • Security Coordinator (Tue Feb 05 2002 - 17:40:03 CST)
  • Panayiotis A. Thermos (Tue Feb 05 2002 - 16:49:16 CST)
  • Gregory Steuck (Tue Feb 05 2002 - 16:12:30 CST)
  • Patrik Birgersson (Tue Feb 05 2002 - 15:36:27 CST)
• Quality Certification?
  • John Cronican (Fri Feb 01 2002 - 16:01:49 CST)
  • Qubit (Fri Feb 01 2002 - 13:14:58 CST)
• Raw HTTP browser
  • Christopher.Toddey.com (Fri Jan 25 2002 - 12:52:16 CST)
  • fdraegercsc.com (Fri Jan 25 2002 - 11:50:07 CST)
  • Edward.Amdahlguardent.com (Fri Jan 25 2002 - 11:33:01 CST)
  • Sitaram Chamarty (Fri Jan 25 2002 - 11:21:03 CST)
  • Joao Gouveia (Fri Jan 25 2002 - 10:29:45 CST)
  • Andrew.Omanpredictive.com (Fri Jan 25 2002 - 09:56:15 CST)
  • Antonio Jose dos Santos Brandao (Fri Jan 25 2002 - 10:02:48 CST)
  • Lapinski, Michael (CRD) (Fri Jan 25 2002 - 09:42:26 CST)
  • Slow2Show (Fri Jan 25 2002 - 02:47:26 CST)
• RE : OWASP : What to test?
  • Mark Curphey (Sun Jan 13 2002 - 00:05:59 CST)
  • James Fleming (Fri Jan 11 2002 - 18:17:26 CST)
  • c c (Fri Jan 11 2002 - 17:39:09 CST)
• Re : OWASP Requirements to build Secure Web Applications
  • Security Coordinator (Tue Feb 19 2002 - 13:49:17 CST)
  • Nik Cubrilovic (Tue Feb 19 2002 - 12:32:38 CST)
  • Electronic Fun (Tue Jan 29 2002 - 15:44:16 CST)
  • James Fleming (Tue Jan 29 2002 - 11:57:00 CST)
• Secure Token Generation
  • David Endler (Mon Mar 18 2002 - 10:19:32 CST)
  • r s (Tue Mar 12 2002 - 09:36:39 CST)
  • Security Coordinator (Tue Mar 12 2002 - 09:10:16 CST)
  • Whyte, Jesse (Mon Mar 11 2002 - 14:27:29 CST)
  • Markus Kern (Mon Mar 11 2002 - 10:15:41 CST)
  • Peter Conrad (Mon Mar 11 2002 - 02:41:30 CST)
  • Noam Ben-Yochanan (Mon Mar 11 2002 - 01:28:24 CST)
  • droby10 (Sun Mar 10 2002 - 09:49:52 CST)
  • Markus Kern (Sat Mar 09 2002 - 15:55:30 CST)
  • Markus Kern (Sat Mar 09 2002 - 11:18:46 CST)
  • Teodor Cimpoesu (Sat Mar 09 2002 - 05:29:19 CST)
  • Security Coordinator (Fri Mar 08 2002 - 16:27:39 CST)
  • Security Coordinator (Thu Mar 07 2002 - 08:28:27 CST)
  • Nancy Gabriel (Thu Mar 07 2002 - 16:18:18 CST)
  • Jay D. Thomson (Thu Mar 07 2002 - 07:39:44 CST)
  • Security Coordinator (Thu Mar 07 2002 - 08:58:58 CST)
  • Michael Howard (Wed Mar 06 2002 - 19:10:37 CST)
  • Elan Hasson (Wed Mar 06 2002 - 19:40:23 CST)
  • Elan Hasson (Wed Mar 06 2002 - 18:10:41 CST)
  • denebunixwave.org (Wed Mar 06 2002 - 18:01:34 CST)
  • Michael Howard (Wed Mar 06 2002 - 17:50:47 CST)
  • rain forest puppy (Wed Mar 06 2002 - 17:55:07 CST)
  • rain forest puppy (Wed Mar 06 2002 - 17:44:56 CST)
  • rain forest puppy (Wed Mar 06 2002 - 17:04:49 CST)
  • HarryM (Wed Mar 06 2002 - 17:10:38 CST)
  • HarryM (Wed Mar 06 2002 - 16:33:58 CST)
  • Gabriel Lawrence (Wed Mar 06 2002 - 12:58:43 CST)
  • rain forest puppy (Wed Mar 06 2002 - 13:30:01 CST)
  • Gabriel Lawrence (Wed Mar 06 2002 - 13:36:51 CST)
  • rain forest puppy (Wed Mar 06 2002 - 13:28:05 CST)
  • Derek (Wed Mar 06 2002 - 12:05:39 CST)
  • Nik Cubrilovic (Wed Mar 06 2002 - 11:23:22 CST)
  • Mark Curphey (Wed Mar 06 2002 - 11:22:24 CST)
  • Shields, Larry (Wed Mar 06 2002 - 10:24:31 CST)
  • HarryM (Wed Mar 06 2002 - 10:00:13 CST)
  • rain forest puppy (Wed Mar 06 2002 - 00:50:38 CST)
  • denebunixwave.org (Wed Mar 06 2002 - 08:11:07 CST)
  • Matt Sergeant (Wed Mar 06 2002 - 05:18:43 CST)
  • Lincoln Yeoh (Tue Mar 05 2002 - 23:56:12 CST)
  • Nancy Gabriel (Tue Mar 05 2002 - 23:38:36 CST)
  • rain forest puppy (Tue Mar 05 2002 - 22:27:55 CST)
  • Nancy Gabriel (Tue Mar 05 2002 - 21:14:51 CST)
  • rain forest puppy (Tue Mar 05 2002 - 19:38:24 CST)
  • Michael Howard (Tue Mar 05 2002 - 19:02:51 CST)
  • rain forest puppy (Tue Mar 05 2002 - 19:04:53 CST)
  • HarryM (Tue Mar 05 2002 - 16:15:24 CST)
  • Brant_Thomsen3com.com (Tue Mar 05 2002 - 16:16:04 CST)
  • Noam Eppel (Tue Mar 05 2002 - 16:12:59 CST)
  • Michael Howard (Tue Mar 05 2002 - 14:03:13 CST)
  • Innes Fisher (Tue Mar 05 2002 - 13:49:18 CST)
  • HarryM (Tue Mar 05 2002 - 16:15:12 CST)
  • Michael Howard (Tue Mar 05 2002 - 11:43:55 CST)
  • Kurt Seifried (Tue Mar 05 2002 - 12:56:52 CST)
  • David Endler (Tue Mar 05 2002 - 11:38:50 CST)
  • Security Coordinator (Tue Mar 05 2002 - 09:53:20 CST)
  • Derek (Tue Mar 05 2002 - 07:36:38 CST)
  • denebunixwave.org (Tue Mar 05 2002 - 02:35:02 CST)
  • Innes Fisher (Mon Mar 04 2002 - 15:38:03 CST)
• Single Sign On
  • Stephane Nasdrovisky (Mon Jan 28 2002 - 11:02:29 CST)
  • James Fleming (Thu Jan 24 2002 - 14:49:55 CST)
  • Ilya Zherebetskiy (Thu Jan 24 2002 - 09:51:58 CST)
  • Ron Thigpen (Thu Jan 24 2002 - 10:15:34 CST)
  • Darren Stokes (Thu Jan 24 2002 - 08:02:40 CST)
• Single Sign On (Thanks)
  • Darren Stokes (Wed Jan 30 2002 - 09:00:54 CST)
• Sleuth 1.3 out
  • dzzieyahoo.com (Sun Mar 31 2002 - 12:40:51 CST)
• So what should be in a testing framework ?
  • James Fleming (Wed Jan 09 2002 - 11:42:27 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Wed Jan 09 2002 - 01:04:00 CST)
  • Mark Curphey (Tue Jan 08 2002 - 00:12:35 CST)
• Source Code Discloser
  • Matt Petteys (Tue Mar 19 2002 - 17:24:46 CST)
  • burak dayioglu (Tue Mar 19 2002 - 12:57:33 CST)
  • Sebastian Flothow (Tue Mar 19 2002 - 15:25:37 CST)
  • Ailean Mhorgainn (Tue Mar 19 2002 - 12:06:44 CST)
  • Teodor Cimpoesu (Tue Mar 19 2002 - 09:12:31 CST)
  • rajealcatraz.com (Tue Mar 19 2002 - 02:46:11 CST)
• SPI Labs SQL Injection Whitepaper Available
  • Matt Sergeant (Wed Jan 30 2002 - 04:26:26 CST)
  • spi labs (Tue Jan 29 2002 - 20:02:11 CST)
• SQL GUID as a session authentication token
  • Tom McAdam (Wed Feb 06 2002 - 09:51:58 CST)
  • Chris Scott (Wed Feb 06 2002 - 10:13:21 CST)
  • scott wood (Wed Feb 06 2002 - 10:37:30 CST)
  • Neil (Wed Feb 06 2002 - 09:03:47 CST)
  • Innes Fisher (Wed Feb 06 2002 - 02:14:16 CST)
• SQL injection MySQL PHP Question
  • HarryM (Fri Feb 08 2002 - 10:37:03 CST)
  • Security Coordinator (Fri Feb 08 2002 - 10:04:03 CST)
  • Artur Nikitin (Fri Feb 08 2002 - 02:19:06 CST)
  • Ashley Woodbridge (Thu Feb 07 2002 - 23:23:00 CST)
• SSL Hardware
  • zeno (Wed Feb 20 2002 - 07:46:38 CST)
• SSL Question
  • jotwaycsc.com.au (Sun Feb 17 2002 - 18:23:37 CST)
  • Bruce.Morrisernstyoung.com.au (Sun Feb 17 2002 - 16:06:39 CST)
  • Maarten Hartsuijker (Fri Feb 15 2002 - 15:55:59 CST)
  • Shripal (Fri Feb 15 2002 - 04:28:50 CST)
  • Dimitrios Petropoulos (Fri Feb 15 2002 - 01:08:35 CST)
  • Kurt Seifried (Thu Feb 14 2002 - 12:26:12 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Thu Feb 14 2002 - 10:31:11 CST)
  • Niall O Malley (LMI) (Thu Feb 14 2002 - 07:05:41 CST)
• Stack smashing and black boxing and tigers and bears oh my.
  • Lincoln Yeoh (Mon Mar 25 2002 - 23:02:33 CST)
  • Kurt Seifried (Mon Mar 25 2002 - 16:30:44 CST)
• Stupid question on entropy...
  • John Kinsella (Fri Mar 08 2002 - 01:09:33 CST)
  • rain forest puppy (Thu Mar 07 2002 - 13:54:05 CST)
  • Gabriel Lawrence (Thu Mar 07 2002 - 14:09:42 CST)
  • Gabriel Lawrence (Thu Mar 07 2002 - 11:52:13 CST)
• Suggestions for secure HTTP basic authentication
  • Len_LattanziStanfordAlumni.org (Sun Jan 06 2002 - 12:30:59 CST)
• SV: Detecting if SecureIIS from Eeye is installed
  • Brass, Phil (ISS Atlanta) (Thu Jan 24 2002 - 15:00:33 CST)
  • James Fleming (Thu Jan 24 2002 - 14:51:53 CST)
  • Patrick Ohlson (Thu Jan 24 2002 - 01:33:42 CST)
• Testing Framework
  • auto125268hushmail.com (Tue Jan 08 2002 - 20:26:00 CST)
  • James Fleming (Tue Jan 08 2002 - 15:45:10 CST)
• Testing Taxonomy
  • Jerry Connolly (Thu Jan 17 2002 - 19:35:08 CST)
  • James Fleming (Thu Jan 17 2002 - 16:55:18 CST)
  • Rob Chanter (Thu Jan 17 2002 - 16:43:14 CST)
  • James Fleming (Thu Jan 17 2002 - 16:29:01 CST)
  • Wall, Kevin (Thu Jan 17 2002 - 15:26:30 CST)
  • The Owasp Project (Thu Jan 17 2002 - 14:44:23 CST)
• Using JAAS for a Web application?
  • John Avery (Wed Jan 09 2002 - 15:10:26 CST)
  • Dawes, Rogan (ZA - Johannesburg) (Wed Jan 09 2002 - 01:29:49 CST)
• Vulnerability in Apache for Win32 batch file processing - Remote command execution
  • Ory Segal (Thu Mar 21 2002 - 11:06:46 CST)
• WebApp Security Holes
  • Wayne Browning (Sat Jan 12 2002 - 15:59:12 CST)
  • Yasutaka Ito (GrapeCity India) (Fri Jan 11 2002 - 23:47:36 CST)
• Webappsec FAQ?
  • zeno (Fri Feb 08 2002 - 11:52:56 CST)
  • zeno (Fri Feb 08 2002 - 10:35:22 CST)
  • Security Coordinator (Fri Feb 08 2002 - 09:54:38 CST)
  • josh smith (Fri Feb 08 2002 - 09:50:25 CST)
  • HarryM (Fri Feb 08 2002 - 03:21:10 CST)
  • The Picard (Thu Feb 07 2002 - 22:57:57 CST)
  • Andrew.Omanpredictive.com (Thu Feb 07 2002 - 21:26:08 CST)
  • The Picard (Thu Feb 07 2002 - 20:33:50 CST)
  • josh smith (Thu Feb 07 2002 - 09:34:49 CST)
  • Elan Hasson (Wed Feb 06 2002 - 22:15:55 CST)
  • The Picard (Wed Feb 06 2002 - 21:25:24 CST)
  • Security Coordinator (Mon Feb 04 2002 - 17:09:55 CST)
  • Panayiotis A. Thermos (Mon Feb 04 2002 - 15:31:21 CST)
  • Jeff Hunsaker (Mon Feb 04 2002 - 09:57:08 CST)
  • josh smith (Mon Feb 04 2002 - 13:50:07 CST)
  • Spencer Harbar (Mon Feb 04 2002 - 11:01:08 CST)
  • Elan Hasson (Mon Feb 04 2002 - 09:12:49 CST)
  • Security Coordinator (Mon Feb 04 2002 - 08:20:12 CST)
  • HarryM (Mon Feb 04 2002 - 00:06:29 CST)
  • Lincoln Yeoh (Sun Feb 03 2002 - 22:54:18 CST)
• webappsecsecurityfocus.com
  • bandaidhushmail.com (Tue Feb 05 2002 - 08:01:53 CST)
• website protection gizmos
  • Noam Ben-Yochanan (Tue Feb 05 2002 - 08:12:13 CST)
  • Security Coordinator (Tue Feb 05 2002 - 08:07:04 CST)
  • Dennis Groves (Mon Feb 04 2002 - 20:42:02 CST)
  • rain forest puppy (Mon Feb 04 2002 - 19:48:41 CST)
  • Steve (Mon Feb 04 2002 - 18:20:22 CST)
  • Marshall Weatherly (Mon Feb 04 2002 - 18:24:34 CST)
  • Fernando Martins (Mon Feb 04 2002 - 18:00:13 CST)
  • dendleridefense.com (Mon Feb 04 2002 - 17:04:19 CST)
  • Gavin Reid (Mon Feb 04 2002 - 17:45:09 CST)
  • Masongsong, Manny (Mon Feb 04 2002 - 17:36:39 CST)
  • rain forest puppy (Mon Feb 04 2002 - 15:54:26 CST)
• White Paper on Peekabooty
  • Steve Drees (Wed Mar 27 2002 - 09:00:32 CST)
  • Slow2Show (Wed Mar 27 2002 - 00:15:55 CST)
  • John Galt (Tue Mar 26 2002 - 16:16:08 CST)
  • Kurt Seifried (Tue Mar 26 2002 - 16:14:59 CST)
  • zeno (Tue Mar 26 2002 - 16:01:59 CST)
  • Steve Drees (Tue Mar 26 2002 - 15:44:37 CST)
  • zeno (Tue Mar 26 2002 - 13:56:16 CST)
  • David Endler (Tue Mar 26 2002 - 14:14:20 CST)
  • David Endler (Tue Mar 26 2002 - 13:01:33 CST)
• XSS article for Perl folks...
  • Gabriel Lawrence (Mon Mar 04 2002 - 13:27:23 CST)

Last message date: Mon Apr 01 2002 - 19:15:00 CST
Archived on: Mon Apr 01 2002 - 19:15:03 CST