A community around the OWASP Live CD and Web Application Security.

Welcome

Welcome to AppSecLive.org! We are an online community focused on, you guessed it, web application security. We welcome all folks from all arenas to join us in discussing everything from tools to techniques relating to the security of the web. AppSecLive.org is also the new home of the OWASP Live CD, which is maintained by Matt Tesauro. This is where you will find support for the OWASP Live CD.

A few quick pointers:

OWASP Web Testing Environment (WTE) Preview - Part 1

So, we're finalizing some stuff for the OWASP Live CD (which is now being renamed to the OWASP Web Testing Environment (WTE)) and I wanted to give you a preview of some of the great, great eye candy we're proof-of-concepting right now. Without further ado, I give you the OWASP WTE Preview ...

Gearin’ Up For 2010

Hey Everyone,

Here at AppSecLive.org, we’re gearing up for the New Year in a big way and I thought I’d take a few minutes to introduce myself and bring you, the AppSecLive.org community, up to date on what’s new in the world of the OWASP Live CD. And speaking of what’s new, I’ll bet you’re wondering who I am.

Recent Security News Discussion

There has been quite a bit of discussion around some recent security issues. The first is a zero-day MS exploit in IE. Details here:

[Living with Linux] Firefox 3.5 released – why wait for the repos?

So you may have heard that Firefox 3.5 just got released yesterday. If you just can't wait, you can get it here. If you're like me, you're running Linux and hate waiting for the latest, greatest to make it to the repos. Also, you're paranoid and want to do minor upgrades with the built-in FF update mechanism ASAP instead of waiting for the repos to catch up. Well, my friend, you can. It's easy and will only cost you about 27 MB of disk space.

Can Ubuntu change your oil?

If you visit any modern Express Oil Change, it sure can help!!

Now seriously, Matt and I have started noticing Ubuntu and other GPL'd operating systems running all over the place. Think about it...

Interview with Ross Anderson - OWASP Podcast #28

I apologize for the shameless self-promotion, but I wanted to let you know that the interview I did with Ross Anderson at AppSec EU 2009 is now available here and on iTunes. It covers some very interesting topics and expands on some of the issues raised in his keynote on

rXSS, is it really all _that_ dangerous?

Why intranet applications are the new attack vector

Typically, companies give less security consideration to the web sites that they host internally on the intranet. This is understandable, given that the only users are trusted folks, and probably aren't going to try anything anyway. Most internal users do not have the technical skills to be a 1337 haxx0r and perform SQLi attacks on vulnerable web forms, and store XSS scripts on company knowledge bases. Now, I know what you are thinking.

Lots of App Sec news

I leave for a few days, come back and the security community has gone crazy with lots of exciting news. Here are a few things worth checking out:
 
