自2014年起OWASP(Open Web Application Security Project),便開始釋出各種網站安全的指引,供從事網路人員學習網站的安全知識,轉眼間也過了6年了。隨著網路的普及,多變化的網路攻擊仍持續成長至今,現在OWASP組織釋出最新且常見的Web Security Testing Guide攻擊說明及防範方式,從事資訊領域的人必定要參考的網路安全資料之一。
從下列清單看出,OWASP Web Security Testing Guide釋出各時期版本,若要查看其他版本內容,則可點擊至下方連結下載:
[Version 4.1] – 2020-04-21
Version 4.1 serves as a post-migration stable version under the new GitHub repository workflow.
[Version 4.0] – 2014-09-17
A printed book is also made available for purchase.
[Version 3.0] – 2008-12-16
[Pre-release 3.0] – 2008-11-06
View a presentation (PPT) previewing the release at the OWASP EU Summit 2008 in Portugal.
[Version 2.0] – 2007-02-10
The guide is also available in Word Document format in English (ZIP) as well as Word Document format translation in Spanish (ZIP).
[Version 1.1] – 2004-08-14
Version 1.1 is released as the OWASP Web Application Penetration Checklist.
[Version 1.0] – 2004-12-10
下載連結(OWASP Web Security Testing Guide 4.1版) https://github.com/OWASP/wstg/releases/download/v4.1/wstg-v4.1.pdf https://owasp.org/www-project-web-security-testing-guide/