OWASP Top 10 for .NET developers part 4: Insecure direct object refs (www.troyhunt.com)

submitted by troyhunt (831) 1 year, 8 months ago

Consider for a moment the sheer volume of information that sits out there on the web and is accessible by literally anyone. No authentication required, no subversive techniques need be employed; these days just a simple Google search can turn up all sorts of things. It’s no wonder developers often implement solutions with the full expectation they will only ever be accessed in the intended context, unaware (or unconcerned) that just a little bit of exploration and experimenting can open some fairly major holes in their app. This post looks into the role insecure direct object references play and how .NET developers might secure their code against this vulnerability.
