OWASP is happy to announce the first release of OWASP Pantera – Web Assessment Studio. Pantera is a mix between a pentest proxy, an application scanner, and an intelligent analysis framework. Pantera’s goal is to leave the analysis and automatic (repetitive) stuff to the engine, leaving only the important decisions to the security expert. Great [...]

The Open Web Application Security Project (OWASP) is dedicated to finding and fighting the causes of insecure software. Everything here is free and open source. OWASP has released the Security Testing Guide v2 .At 270 pages, this guide is already a must-have for most developers and penetration/application testers, but we want to take it one [...]

An ingenious way of breaking the same-origin policy by undermining dns-pinning :

An open source application layer firewall for HTTP/HTTPS. It works as a reverse proxy server. It analyzes all HTTP/HTTPS traffic against rule-based signatures and protects web servers and web applications from attack.