
OWASP / Owasp Java Encoder

Licence: bsd-3-clause
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Programming Languages

java

Projects that are alternatives of or similar to Owasp Java Encoder

Xssor2
XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+474.05%)
Mutual labels:  encoding, xss
Jsshell
An interactive multi-user web JS shell
Stars: ✭ 330 (-3.79%)
Mutual labels:  xss
SQL-XSS
A few SQL and XSS attack tools
Stars: ✭ 29 (-91.55%)
Mutual labels:  xss
Vuejs Serverside Template Xss
Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-18.95%)
Mutual labels:  xss
Rtspallthethings
Deprecated RTSP media server -- Use github.com/aler9/rtsp-simple-server instead.
Stars: ✭ 258 (-24.78%)
Mutual labels:  encoding
Javacodeaudit
Getting started with Java code auditing: a small introductory project for code auditing
Stars: ✭ 289 (-15.74%)
Mutual labels:  xss
basex
Arbitrary base encoding in GO
Stars: ✭ 39 (-88.63%)
Mutual labels:  encoding
Awesomexss
Awesome XSS stuff
Stars: ✭ 3,664 (+968.22%)
Mutual labels:  xss
Findom Xss
A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-9.62%)
Mutual labels:  xss
Penetration testing poc
POCs, EXPs, scripts, privilege escalation, small tools, etc. related to penetration testing---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+1024.78%)
Mutual labels:  xss
Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+757.73%)
Mutual labels:  xss
Xmorse
🌞 ~1.5Kb morse code library for all. A JavaScript library that supports Morse code encoding of Unicode Chinese text.
Stars: ✭ 266 (-22.45%)
Mutual labels:  encoding
Gowapt
Go Web Application Penetration Test
Stars: ✭ 300 (-12.54%)
Mutual labels:  xss
Watson
WATSON: Wasted but Amazing Turing-incomplete Stack-based Object Notation
Stars: ✭ 258 (-24.78%)
Mutual labels:  encoding
Bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-3.5%)
Mutual labels:  xss
ffmpeg-commander
🛠️ FFmpeg Command Generator Web UI
Stars: ✭ 136 (-60.35%)
Mutual labels:  encoding
Application Security Engineer Interview Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-22.16%)
Mutual labels:  xss
Serpent
A protocol to serialize Swift structs and classes for encoding and decoding.
Stars: ✭ 281 (-18.08%)
Mutual labels:  encoding
Ant
A blind XSS platform with real-time notifications
Stars: ✭ 340 (-0.87%)
Mutual labels:  xss
Web Security Learning
Web-Security-Learning
Stars: ✭ 3,619 (+955.1%)
Mutual labels:  xss

OWASP Java Encoder Project


Contextual Output Encoding is a computer programming technique necessary to stop Cross-Site Scripting. This project is a Java 1.5+ simple-to-use drop-in high-performance encoder class with little baggage.

Start using the OWASP Java Encoders

You can download a JAR from Maven Central.

JSP tags and EL functions are available in the encoder-jsp, also available in Central.

The jars are also available in Maven:

    <dependency>
        <groupId>org.owasp.encoder</groupId>
        <artifactId>encoder</artifactId>
        <version>1.2.3</version>
    </dependency>

    <dependency>
        <groupId>org.owasp.encoder</groupId>
        <artifactId>encoder-jsp</artifactId>
        <version>1.2.3</version>
    </dependency>

Quick Overview

The OWASP Java Encoder library is intended for quick contextual encoding with very little overhead, either in performance or usage. To get started, simply add the encoder-1.2.3.jar to your classpath, import org.owasp.encoder.Encode and start using it.

Example usage:

    PrintWriter out = ....;
    out.println("<textarea>"+Encode.forHtml(userData)+"</textarea>");

Please look at the javadoc for Encode to see the variety of contexts for which you can encode.

Happy Encoding!

News

2020-11-08 - 1.2.3 Release

The team is happy to announce that version 1.2.3 has been released!

  • Update to make the manifest OSGi-compliant (#39).
  • Update to support ESAPI 2.2 and later (#37).

2018-09-14 - 1.2.2 Release

The team is happy to announce that version 1.2.2 has been released!

  • This is a minor release fixing documentation and licensing issues.

2017-02-19 - 1.2.1 Release

The team is happy to announce that version 1.2.1 has been released!

  • The CDATA Encoder was modified so that it does not emit intermediate characters between adjacent CDATA sections.
  • The documentation on gh-pages has been improved.

2015-04-12 - 1.2 Release on GitHub

OWASP Java Encoder has been moved to GitHub. Version 1.2 was also released!

2014-03-31 - Documentation updated

Please visit https://www.owasp.org/index.php/OWASP_Java_Encoder_Project#tab=Use_the_Java_Encoder_Project to see detailed documentation and examples on each API use!

2014-01-30 - Version 1.1.1 released

We're happy to announce that version 1.1.1 has been released. Along with an important bug fix, we added ESAPI integration to replace the legacy ESAPI encoders with the OWASP Java Encoder.

2013-02-14 - Version 1.1 released

We're happy to announce that version 1.1 has been released. Along with a few minor encoding enhancements, we improved performance, and added a JSP tag and function library.
