

Finding Web Vulnerabilities (a primer) - hoop
http://www.charleshooper.net/blog/finding-web-vulnerabilities/

======
iuguy
This is an interesting overview but it explains more the process followed by
the author when a worked example might be more helpful to others.

If you found the author's post interesting and would like to see some
practical examples of how to test for application security vulnerabilities,
then the following will help get you up to speed:

[http://www.owasp.org/index.php/Category:OWASP_Testing_Projec...](http://www.owasp.org/index.php/Category:OWASP_Testing_Project)

[http://www.owasp.org/index.php/Category:OWASP_Code_Review_Pr...](http://www.owasp.org/index.php/Category:OWASP_Code_Review_Project)

~~~
Xurinos
Is there a no-JavaScript version of this? I had to cancel the body {display:
none} setting in order to see the site (usability failure), and I cannot
imagine why it was necessary they hide the content like that.

Edit: Here we go:

The testing guide:
<http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf>

The code review stuff: <http://www.lulu.com/content/5678680>

