Hi Team,

Can anybody help me with the SharePoint 2013 CSRF issue? Any idea or
suggestions to remove the CSRF attack in the default pages of the SharePoint 2013
portal?

Thanks and Regards,
Anuj Gupta


On Wed, Aug 6, 2014 at 8:52 PM, <owasp-delhi-requ...@lists.owasp.org> wrote:

> Send OWASP-Delhi mailing list submissions to
>         owasp-delhi@lists.owasp.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.owasp.org/mailman/listinfo/owasp-delhi
> or, via email, send a message with subject or body 'help' to
>         owasp-delhi-requ...@lists.owasp.org
>
> You can reach the person managing the list at
>         owasp-delhi-ow...@lists.owasp.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of OWASP-Delhi digest..."
>
>
> Today's Topics:
>
>    1. nullcon CFP is open (nullcon)
>    2. Re: DOM-based XSS risk rating (Padma Anand)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 6 Aug 2014 18:14:53 +0530
> From: nullcon <null...@nullcon.net>
> To: owasp-delhi@lists.owasp.org
> Subject: [OWASP-Delhi] nullcon CFP is open
> Message-ID: <cabzsstzfn6q2bp3vhu6k05zkkm760onu3th1zvrf4ukeyj-...@mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Dear Security Gurus,
>
> 6th year | CFP opens on 6th Aug 2014 | conference on 6th Feb 2015.
>
> Welcome to nullcon 666! Bring out the beast in you.
> http://en.wikipedia.org/wiki/666_(number)
>
> We are happy to open the CFP. Time to tickle your gray cells and submit
> your research.
> Training: 4th-5th Feb 2015
> Conference: 6th-7th Feb 2015
>
> CFP 666
> =======
> Website - http://nullcon.net
>
> Submit under any of the below options
> Papers (40 mins - 1 hr)
> Events (Sub-events, Competitions, CTF, BOFs)
> Recreation (Fun events, Games, Parties, Tech Rock bands, DJs)
> Tutorials (2-3hrs Workshops, hacking villages)
>
>
> Submission Topics
> ==============
> - Anything that aligns with our motto - "The neXt security thing!" is
> welcome.
> - And as a special consideration for 666 anything beastly devilish is also
> welcome.
>
> Categories
> ========
> The talk time duration includes time for questions and answers (5-10
> minutes)
>
>   - New Research Category (40 mins - 1 hr) - is a deep knowledge technical
> track that includes new research, tools, vulnerabilities, zero days or
> exploits.
>
>   - Desi Jugaad (30 mins - 1 hr) - is our signature new research category
> talk and includes any local hacks. This category is dedicated to hackers
> who find innovative tech/non-tech solutions for real-life challenges.
>
>   - Current Research Category (30 mins - 1 hr) - comprises known
> security issues, case studies, a twist on an existing research, tool,
> vulnerability, exploit or research-in-progress. Although this track is
> fairly technical, it covers known techniques, analysis and research already
> published or presented, even though there might be some additions to it.
>
>   - Tool Category (30 mins - 1 hr) - Comprises open source security
> tools, exploits, frameworks, etc. This is an excellent opportunity for the
> original authors to showcase their software to the world.
>
>
> Submission Format
> ===============
> Email the paper to: c...@nullcon.net
> The subject should be: CFP Goa 2015 < Paper Title >
>
> Email Body:
>     1. Name
>     2. Handle
>     3. Talk Category
>        (Mentioned above i.e.
>          - For talks - new research/current research/desi Jugaad/tool.
>          - For other things - Event/Recreation/Tutorials)
>     4. Time required (including 5-10 mins of QA)
>     5. Paper Title
>     6. Country (and City) of residence
>     7. Organization and Designation
>     8. Contact Number
>     9. Have you presented or submitted this paper at any other
> conference(s) or magazine(s)?
>     Yes/No. If yes, where, and how is this submission different from the
> previous ones? Note that new research talks already given elsewhere, or
> due to be given elsewhere prior to nullcon, will be considered as current
> research category talks unless they consist of cutting-edge and
> ground-breaking technology, which is at the judgment of the review committee.
>
>     10. Are you releasing an open source tool?
>     Yes/No. (If yes, please include the source code for review)
>
>     11. Are you releasing an exploit?
>     Yes/No. (If yes, please include the source and vulnerability details
> for review)
>
>     12. Are you releasing a new vulnerability/Zero-day?
>     Yes/No. (If yes, please send us the details, including reproduction
> procedure, for review)
>
>     13. Why do you think your paper is different/innovative (for all
> categories) and how does it qualify as new work/research(for Research
> category only)?
>
>     14. Are there any live demonstrations (These earn you good points
> during review)?
>     Yes/No. (If Yes, how many? Also please explain each demo)
>
>     15. Brief Profile ( less than or equal to 500 Words)
>
>     16. Paper Abstract
>     Please provide detailed working or your research/work. The more details
> you provide the better it is for the reviewers. Please keep the abstract to
> the point. Please do not try to hide the technical details or say "I can't
> disclose it till bla bla" as it does not help the reviewers in any way and
> may give your paper a low score because of insufficient information
> available in the abstract.
>
>     17. Your high resolution photo (attached)
>
> Note
> ====
>   - Only the original authors should submit their research and any
> submission from a third party will be rejected.
>   - The Abstract should clearly mention the techniques and hacks in detail
> and merely mentioning that it works will not help in understanding the
> research to its full extent.
>   - Be as descriptive as possible in the abstract.
>   - Attach your source code/exploit/full paper along with the submission
>   - nullcon is an open knowledge/research sharing platform and hence
> product/company marketing and pitches will be rejected. We request you not
> to submit any product specific talk.
>
> Important Dates
> ============
> CFP Opens: 6th Aug 2014
> 1st round of Speaker list Online: 6th Sept 2014
> CFP Closing Date: 1st Nov 2014
> Final speakers List online: 6th Nov 2014
> Detailed Paper submission by selected speakers: 6th Jan 2015
> Training Dates: 4th-5th Feb 2015
> Conference Dates: 6th-7th Feb 2015
>
> Review
> ======
> We have an external review panel that scores the papers and based on the
> scoring we take a call on acceptance of papers.
>
> Speaker Benefits
> =============
> For the New Research and Desi Jugaad Category
> ------------------------------------------------------------------------
>     Travel Reimbursement (Either actuals or the below mentioned amounts,
> whichever is less)
>         - International Speaker (USD 1000)
>         - National Speaker (INR 7000)
>     Complimentary Accommodation for 3 nights.
>     Complimentary VIP conference pass.
>     Invitation to speaker party.
>     Invitation to Mehfil-E-Mausiqi (networking cocktail).
>
> For the Current Research and Tool Category
> ----------------------------------------------------------------
>     Complimentary shared accommodation near the venue for 2 nights.
>     Complimentary VIP conference pass.
>     Invitation to speaker party.
>     Invitation to Mehfil-E-Mausiqi (networking cocktail)
>
> Terms
> =====
> * Only one speaker will be eligible for the benefits in case there are two
> or more speakers for a talk.
> ** By submitting a paper and agreeing to talk at nullcon you give Payatu
> Technologies Pvt. Ltd. the right to post, publish, re-distribute online and
> offline, soft and/or hard copies of your presentation material including
> slides, source code, detailed paper and the recorded video of the
> presentation and you.
>
> Regards,
> nullcon Team
>
> ------------------------------
>
> Message: 2
> Date: Wed, 6 Aug 2014 15:17:59 +0100
> From: Padma Anand <padma.an...@gmail.com>
> To: "Vishal A." <vishal.asth...@owasp.org>
> Cc: owasp-delhi@lists.owasp.org
> Subject: Re: [OWASP-Delhi] DOM-based XSS risk rating
> Message-ID: <caclnd2gg-xsk7eva1bpdvrjixf2spdac8ycia4p6vlazp-f...@mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> OK... I thought it was difficult to discover and exploit. Hence, the probability
> is low, reducing the total risk.
> On Aug 5, 2014 6:45 PM, "Vishal A." <vishal.asth...@owasp.org> wrote:
>
> > Hi Padma,
> >
> > Good question. The original discussion thread is still ongoing.
> >
> > https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting has a good
> > write-up of the different XSS types. Someone shared that as well.
> >
> > In my opinion:
> >
> > 1) DOM-based XSS would top the risk list - Attack payload is difficult
> > to detect effectively and fix strongly as it manifests/lives in the DOM
> > environment (on the client-side).
> > 2) Stored XSS (persistent impact) would be next - Persistent impact but
> > possible to detect attack payload server side and fix strongly by means
> > of well-known encoding filters.
> > 3) Reflected XSS - Non-persistent impact and possible to detect attack
> > payload server side followed by fixing strongly by means of well-known
> > encoding filters.
> >
> > There might be specific scenarios where the rating might change but those
> > would be exceptions and not the norm.
> >
> > Vishal
> >
> > On Mon, Aug 4, 2014 at 7:02 PM, Padma Anand <padma.an...@gmail.com>
> wrote:
> >
> >> So, is there a conclusion?
> >> On Aug 2, 2014 11:43 AM, "Vishal A." <vishal.asth...@owasp.org> wrote:
> >>
> >>> Hi All,
> >>>
> >>> Interesting ongoing discussion about DOM-based XSS risk calculation
> >>> compared to other XSS variants.
> >>>
> >>> Vishal
> >>> Delhi Chapter Lead
> >>>
> >>>  Message: 1
> >>>> Date: Fri, 01 Aug 2014 14:45:00 +0200
> >>>> From: Stefano Di Paola <stef...@owasp.org>
> >>>> To: timogoo...@runbox.com
> >>>> Cc: owasp-community <owasp-commun...@lists.owasp.org>
> >>>> Subject: Re: [Owasp-community] Dom xss risk
> >>>> Message-ID: <1406897100.6715.145.camel@stefanaio>
> >>>> Content-Type: text/plain; charset="UTF-8"
> >>>>
> >>>> Hey :),
> >>>>
> >>>> On Fri, 2014-08-01 at 11:12 +0200, Timo Goosen wrote:
> >>>> > I think this might spark a big debate on what the definition of Dom
> >>>> XSS really is.
> >>>> >
> >>>>
> >>>> That's indeed a plausible chance :)
> >>>>
> >>>> Let me start with the, hopefully, right foot.
> >>>>
> >>>> Risk is defined by
> >>>>
> >>>> (Impact) X (Probability of Occurrence)
> >>>>
> >>>> which is why it is commonly agreed that reflected XSS vs stored XSS have
> >>>> different risks. Although generally speaking this can be considered true,
> >>>> I'd say: "it's not always true. Sometimes Stored can be comparable to
> >>>> reflected in terms of prob of occurrence.".
> >>>>
> >>>> So same impact, different probability.
> >>>>
> >>>> XSS has been considered, since the beginning, as a way to execute
> >>>> unauthorized JavaScript "Cross Site" by injecting "Code" (whatever Code
> >>>> means) in the browser.
> >>>>
> >>>> The XSS of the Third kind or DOM Based XSS was formalized by Amit Klein
> >>>> in 2005
> >>>> http://www.webappsec.org/projects/articles/071105.shtml
> >>>> "DOM Based Cross Site Scripting or XSS of the Third Kind
> >>>> A look at an overlooked flavor of XSS"
> >>>>
> >>>> The sinks that were described in that paper involved
> >>>> * Write raw HTML: HTML Injection
> >>>> * Directly executing script: JavaScript Injection
> >>>> * Others, like: changing the action of a form, redirect etc.
> >>>>
> >>>> If we look at the actual ongoing HTML model, every day there's a way to
> >>>> abuse new HTML/JavaScript features, aka new sinks.
> >>>>
> >>>> So, instead of talking about a generic risk, let's talk about the actual
> >>>> impacts according to the CIA(*1) properties that affect data and after
> >>>> that we can think about the probability of occurrence.
> >>>>
> >>>> I mean that if you can control the action of a form that sends a
> >>>> username, it'll have a different impact compared to another one that
> >>>> sends the whole credentials, and still there are differences with full
> >>>> JavaScript Execution issues.
> >>>>
> >>>> There are several refs/ppt/docs about DOM Based XSS, by now.
> >>>> Let me just list a few:
> >>>>
> >>>> https://code.google.com/p/domxsswiki/wiki/References
> >>>>
> >>>> https://www.owasp.org/images/c/c5/Unraveling_some_Mysteries_around_DOM-based_XSS.pdf
> >>>> http://www.slideshare.net/Wisec/inbrowser-37570248/14
> >>>>
> >>>>
> >>>> Just my 2 cents. :)
> >>>> Stefano
> >>>>
> >>>> Notes:
> >>>> *1 Confidentiality, Integrity, Availability
> >>>>
> >>>> >
> >>>> > On Thu, 31 Jul 2014 10:03:26 -0400, allisonshubert <allisonshub...@yahoo.com> wrote:
> >>>> >
> >>>> > > I am curious if folks differentiate the risk of the different types
> >>>> > > of xss. Meaning, is stored or reflective riskier than dom thereby
> >>>> > > requiring immediate resolution or is all xss considered to be the
> >>>> > > same risk?
> >>>> > >
> >>>> > > Thank you
> >>>> > > Alli
> >>>> > > _______________________________________________
> >>>> > > Owasp-community mailing list
> >>>> > > owasp-commun...@lists.owasp.org
> >>>> > > https://lists.owasp.org/mailman/listinfo/owasp-community
> >>>> >
> >>>> ------------------------------
> >>>>
> >>>> Message: 2
> >>>> Date: Fri, 1 Aug 2014 08:07:07 -1000
> >>>> From: Jim Manico <jim.man...@owasp.org>
> >>>> To: Stefano Di Paola <stef...@owasp.org>
> >>>> Cc: owasp-community <owasp-commun...@lists.owasp.org>
> >>>> Subject: Re: [Owasp-community] Dom xss risk
> >>>> Message-ID: <5815299581991813472@unknownmsgid>
> >>>> Content-Type: text/plain; charset="utf-8"
> >>>>
> >>>> As Stefano references, pay special attention to Dave Wichers' talk
> >>>> https://www.owasp.org/images/c/c5/Unraveling_some_Mysteries_around_DOM-based_XSS.pdf
> >>>> (especially slide 7) where he proposes that "DOM Based XSS" should really be
> >>>> renamed "Client side XSS", a context and name change that I am a fan of.
> >>>>
> >>>> --
> >>>> Jim Manico
> >>>> @Manicode
> >>>> (808) 652-3805
> >>>>
> >>>>
> >>>> ------------------------------
> >>>>
> >>>> Message: 3
> >>>> Date: Fri, 1 Aug 2014 16:24:25 -0700
> >>>> From: Gregory Disney <gregory.dis...@owasp.org>
> >>>> To: Jim Manico <jim.man...@owasp.org>
> >>>> Cc: owasp-community <owasp-commun...@lists.owasp.org>
> >>>> Subject: Re: [Owasp-community] Dom xss risk
> >>>> Message-ID: <cacotuh43ee-wdv4-k+up9jgvcztnhm+l+hvn61xthhggppc...@mail.gmail.com>
> >>>> Content-Type: text/plain; charset="utf-8"
> >>>>
> >>>> My two cents is Dom XSS could be simply
> >>>> http://localhost:8080#<script>javascript:alert("XSS")</script>
> >>>> whereas Clientside XSS could involve a javascript console and just
> >>>> running document.location=Javascript:alert("XSS"). The main difference I
> >>>> can see is executing from User agent to server-side as more severe, than
> >>>> executing from javascript console. That's the way I always separated these
> >>>> attacks,
> >>>> -Greg
> >>>>
> >>>>
> >>>>
> >>>> ------------------------------
> >>>>
> >>>>
> >>>>
> >>>> End of Owasp-community Digest, Vol 5, Issue 2
> >>>> *********************************************
> >>>>
> >>>>
> >>>
> >>> _______________________________________________
> >>> OWASP-Delhi mailing list
> >>> OWASP-Delhi@lists.owasp.org
> >>> https://lists.owasp.org/mailman/listinfo/owasp-delhi
> >>> LinkedIn Group: https://www.linkedin.com/groups?gid=89270
> >>> Twitter: https://twitter.com/OWASPdelhi
> >>>
> >>
> >
>
> ------------------------------
>
>
> End of OWASP-Delhi Digest, Vol 73, Issue 11
> *******************************************
>



-- 
Anuj Gupta
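The source-to-sink flow the quoted thread argues about (Greg's location-hash URL reaching the "write raw HTML" sink in Stefano's list, and the "well-known encoding filters" Vishal mentions as the fix), as an added JavaScript example; it is not code from any message in the thread. The greeting page, its name-in-fragment convention and the sample fragments are assumptions constructed for the example.

```javascript
// Added example (not part of any message in the thread). It models the
// DOM-based (client-side) XSS flow the thread discusses: an untrusted
// source (the URL fragment, as in Greg's localhost example) reaching the
// "write raw HTML" sink from Stefano's list, and the output-encoding
// filter that neutralises it. The greeting page, its parameter and the
// sample fragments below are constructed for this example.

// Output encoding for the HTML text context. Every character that can
// open or close markup or an attribute is replaced by its entity.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
};

function encodeForHtml(value) {
  return String(value).replace(/[&<>"'\/]/g, (c) => HTML_ESCAPES[c]);
}

// Source: the part of the URL after '#', as the browser exposes it in
// location.hash. The fragment is never sent to the server, so a
// server-side filter cannot see it; only client-side code can. (No
// percent-decoding here: the point is the trust boundary, not URL parsing.)
function nameFromHash(hash) {
  const fragment = hash.startsWith('#') ? hash.slice(1) : hash;
  return fragment.length > 0 ? fragment : 'guest';
}

// Vulnerable: the untrusted name is concatenated straight into markup,
// i.e. the string a page would then assign to element.innerHTML.
function greetingHtmlUnsafe(hash) {
  return '<p>Hello, ' + nameFromHash(hash) + '</p>';
}

// Hardened: the same sink, but the value is encoded for the HTML text
// context first, so whatever the fragment contains can only render as text.
function greetingHtmlSafe(hash) {
  return '<p>Hello, ' + encodeForHtml(nameFromHash(hash)) + '</p>';
}

// Detection helper for a test suite or review harness: report every tag
// in the produced markup other than the <p> the template itself wrote.
function unexpectedTags(html) {
  const found = [...html.matchAll(/<\/?([a-zA-Z][\w-]*)/g)]
    .map((m) => m[1].toLowerCase());
  return found.filter((t) => t !== 'p');
}

// Constructed inputs: a benign fragment and the fragment quoted in the thread.
const BENIGN_HASH = '#Alice';
const PAYLOAD_HASH = '#<script>javascript:alert("XSS")</script>';

console.log('unsafe:', greetingHtmlUnsafe(PAYLOAD_HASH),
  'extra tags:', unexpectedTags(greetingHtmlUnsafe(PAYLOAD_HASH)));
console.log('safe  :', greetingHtmlSafe(PAYLOAD_HASH),
  'extra tags:', unexpectedTags(greetingHtmlSafe(PAYLOAD_HASH)));
console.log('benign:', greetingHtmlSafe(BENIGN_HASH));
```

Run it with `node` to see the two renderings side by side. The same trust boundary also explains Vishal's ranking: because the fragment never leaves the browser, the only place to detect or neutralise it is the client-side code itself, which is why a non-HTML sink such as `textContent`, or encoding before an HTML sink as above, is the fix rather than a server-side filter.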