Welcome to the new and improved CGISecurity.com! After years of using the old design I’ve decided it was time for a change and thanks to my homeboy Romain we have a new design. In addition to the design you can now post comments, get partial story bodies in RSS feeds, and actually view the site from a mobile device. For now this new design is only working on .org and site functionality will be broken. Please visit cgisecurity.com for our main working site.
Welcome to the new website!
Favorite Links
- Security Templates (New)
- The Web Application Security Consortium
- QA Security
- The Web Security Mailing List
- Romain Gaucher’s Blog
- Jeremiah Grossman’s Blog
Popular Pages
WASC Threat Classification
- Abuse of Functionality
- Application Misconfiguration
- Brute Force Attack
- Content Spoofing
- Credential/Session Prediction
- Denial of Service
- Directory Indexing
- Information Leakage
- Remote File Inclusion Attack
- Routing Detour Attack
- SOAP Array Abuse
- XML Attribute Blowup
- XML Injection
- XML External Entity Attack