Proposition for fixing broken/improving links (#686)

* As stated on enzoic.com: "PasswordPing is now Enzoic!" * Add references to other OWASP resources
2019-10-16 17:29:27 +02:00
parent 1f00d461a8
commit 9fdbbf69d6
2 changed files with 3 additions and 1 deletions
--- a/webgoat-lessons/idor/src/main/resources/lessonPlans/en/IDOR_intro.adoc
+++ b/webgoat-lessons/idor/src/main/resources/lessonPlans/en/IDOR_intro.adoc
@ -34,5 +34,7 @@ This of course can be checked or expanded beyond GET methods to view data, but t
 Before we go on to practice, here's some good reading on Insecure Direct Object References:

 * https://www.owasp.org/index.php/Testing_for_Insecure_Direct_Object_References_(OTG-AUTHZ-004)
+* https://www.owasp.org/index.php/Top_10-2017_A5-Broken_Access_Control
+* https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html
 * https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
 * http://cwe.mitre.org/data/definitions/639.html