OWASP Java Category - Wiki Pages Review Operation - 2015/2016
Pages can be accessed via: https://www.owasp.org/index.php/OWASP_Java_Project_WIPRO_1_2015
Please add your comments in the second column, optionally adding your name. Rule: Be professional.
Wiki Pages | Use the "Add comments" functionality
Bytecode obfuscation
Captchas in Java
Clickjacking Protection for Java EE
Command injection in Java
Comparing classes by name
Complejidad Y Longitud De Las Contraseñas
Content Security Policy
CORS OriginHeaderScrutiny
CORS RequestPreflighScrutiny
Cross-site Scripting (XSS)
Declarative Access Control in Java
Decompiling Java bytecode
Deserialization of untrusted data
Detect profiling phase into web application
Digital Signature Implementation in Java
Exception handling techniques
Failure to follow guideline/specification
Hacking Java Clients
Hashing Java | Mark Gordon volunteered to review the information, and bring it to the State-Of-The-Art-2015. Thank you! | Work in progress
Hibernate
Hibernate-Guidelines
How to add validation logic to HttpServletRequest
How to encrypt a properties file
Implementacion De Firmas Digitales en Java
Improper Data Validation
Improper temp file opening
Information Leakage
Insecure Randomness
Insecure Transport
Insufficient Session-ID Length
Invoking untrusted mobile code
Inyección De Comandos En Java
J2EE Misconfiguration: Unsafe Bean Declaration
J2EE third party libraries insecurity
JAAS Timed Login Module
JAAS Tomcat Login Module
Java Project Article Wishlist
Java Security Frameworks
Java Security Resources
Java Server Faces
JSP errorPage
JSP JSTL
Leftover Debug Code
Log Forging
Logout
Member Field Race Condition
Missing Error Handling
Mobile Java Security
Null Dereference
Object Model Violation: Just One of equals() and hashCode() Defined
Often Misused: Authentication
Overly-Broad Catch Block
Overly-Broad Throws Declaration
OWASP CSRFGuard Project/es
OWASP Java Table of Contents
Parameter Validation Filter
Password length & complexity
Password Management: Hardcoded Password
Password Management: Weak Cryptography
Password Plaintext Storage
PDF Attack Filter for Java EE
Poor Logging Practice
Preventing LDAP Injection in Java
Preventing SQL Injection in Java
Process Control
Protecting code archives with digital signatures
Reflection attack in an auth protocol
Return Inside Finally Block
Securing tomcat
Servlet spec - web.xml
Session Fixation
Session Timeout
Signing jar files with jarsigner
State synchronization error
Struts
Struts Validation in an ActionForm
Struts Validation in validator.xml using an ActionForm
Struts XSLT Viewer
Traducción Español
Trust Boundary Violation
Trustworthy Java
Uncaught exception
Unchecked Return Value: Missing Check against Null
Unreleased Resource
Unsafe JNI
Unsafe Mobile Code
Unsafe Reflection
Using JCaptcha
Using the Java Cryptographic Extensions
Using the Java Secure Socket Extensions
XPATH Injection Java
OWASP's_ESAPI_Wiki_for_Java! | Page totally out of "ESAPI" project line and from 2010. Flagged as TBDELETED.