Soroush Dalili (@irsdl) – سروش دلیلی

Web AppSec ninja, semicolon character enthusiast!

Skip to content

Home
Advisories
Privacy Policy

The Web Application Security Consortium Threat Classification v2.0

After OWASP updated its Top 10, now I’m very glad to quote this:

The Web Application Security Consortium (WASC) is pleased to announce the long awaited release of the WASC Threat Classification v2.0.

You can read more information from these links: http://projects.webappsec.org/Threat-Classification and http://projects.webappsec.org/f/WASC-TC-v2_0.pdf

Cheers,

Soroush

This entry was posted in Normal Posts, Security Posts and tagged WASC Threat Classification v2.0, Web Application Security Consortium Threat Classification on January 4, 2010 by Soroush Dalili.

Post navigation

← Microsoft Contradiction IE7-8 drive list enumeration! →

Search for:

Social

Follow me on:

Recent Posts

Danger of Stealing Auto Generated .NET Machine Keys May 10, 2019
x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! May 4, 2019
Exploiting Deserialisation in ASP.NET via ViewState April 23, 2019
Yet Other Examples of Abusing CSRF in Logout April 23, 2019
How to win BIG and even more! April 17, 2019
Finding and Exploiting .NET Remoting over HTTP using Deserialisation March 26, 2019
More research on .NET deserialization December 19, 2018
Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 December 19, 2018
Story of my two (but actually three) RCEs in SharePoint in 2018 December 19, 2018
ASP.NET resource files (.RESX) and deserialization issues August 12, 2018
MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online August 12, 2018
WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour August 12, 2018
SMB hash hijacking & user tracking in MS Outlook August 12, 2018
Bug Bounty vs Penetration Testing (Simple Unbiased Comparison) February 20, 2018
Rare ASP.NET request validation bypass using request encoding February 20, 2018

Archives

Blog Tags

reddit.com netsec Channel Feed

Windows Incident Response Cheat Sheet June 16, 2019
Yubico does product recall of FIPS YubiKey due to reduced entropy June 16, 2019
Solving each and every FB-CTF challenge - PART 1 June 15, 2019
DistroTest.net - The first online operating system tester June 15, 2019
Antivirus Evasion with Python June 15, 2019

SecurityFocus Feed

Vuln: Apache HTTP Server CVE-2019-0220 Remote Security Vulnerability
Vuln: Apache HTTP Server CVE-2019-0197 Denial of Service Vulnerability
Vuln: Apache httpd CVE-2019-0196 Security Bypass Vulnerability
Vuln: RETIRED: Microsoft Windows Task Scheduler CVE-2019-1069 Local Privilege Escalation Vulnerability
Bugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security update

Exploit-DB Feed

[local] Pronestor Health Monitoring < 8.1.11.0 - Privilege Escalation
[webapps] Sitecore 8.x - Deserialization Remote Code Execution
[webapps] FusionPBX 4.4.3 - Remote Command Execution
[papers] LDAP Swiss Army Knife
[local] ProShow 9.0.3797 - Local Privilege Escalation

Privacy Policy Proudly powered by WordPress