The 2021 OWASP Top 10 Have Evolved: Here's What You Should Know

Late last week, the Open Web Application Security Project OWASP released its top 10 list of critical web application security risks. The last OWASP Top 10 came out in 2017, and in the intervening 4 years, we've seen a fundamental shift in application security that includes greater emphasis on...

XSS Hunter – A Modern Approach to Testing for Cross-site Scripting (XSS)

Cross-site Scripting XSS origins go arguably back to a lab in Microsoft in 1999. With the first disclosure of the issue titled “ Malicious HTML Tags Embedded in Client Web Requests “, this research sparked an entire generation of an attack that somehow still seems to persist in modern web...

[Dradis Pro v1.7] Framework to enable effective information sharing

Dradis Pro is framework to enable effective information sharing, specially during security assessments. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. Changelog v1.7 This is the...