kwwall
ESAPI project co-lead; senior application security engineer at Verisign.
Verisign
Central OH, USA
Pinned Repositories
antisamy
a library for performing fast, configurable cleansing of HTML coming from untrusted sources
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
commons-fileupload
Warning - do not fork this. Apache Commons FileUpload is a robust, high-performance, file upload capability to your servlets and web applications
DevGuide
The OWASP Guide
esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
owasp-change.github.io
An Open Letter to the OWASP Board
owasp-java-encoder
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
owasp-swag
Swag for the OWASP projects and chapters
presentations
Public presentations - Licensed under CC BY-NC-SA 3.0 US
kwwall's Repositories
kwwall/antisamy
a library for performing fast, configurable cleansing of HTML coming from untrusted sources
kwwall/Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
kwwall/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
kwwall/commons-fileupload
Warning - do not fork this. Apache Commons FileUpload is a robust, high-performance, file upload capability to your servlets and web applications
kwwall/DevGuide
The OWASP Guide
kwwall/esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
kwwall/owasp-change.github.io
An Open Letter to the OWASP Board
kwwall/owasp-java-encoder
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
kwwall/owasp-swag
Swag for the OWASP projects and chapters
kwwall/presentations
Public presentations - Licensed under CC BY-NC-SA 3.0 US
kwwall/www-project-enterprise-security-api
OWASP Foundation Web Repository
kwwall/xss-encoder-wrapper
Provides Clojure wrapper functions for the important 'Encode' static methods of the OWASP Java Encoder library as a defense against Cross-Site Scripting (XSS)
kwwall/zaproxy-wki