Just a quick note: the first authors of the Developer Guide were Mark Curphey, David Endler, William Hau, Steve Taylor, and Tim Smith. When I joined OWASP in November 2001, the first Developer Guide was one of the projects being talked about, but it wasn't released as 1.0 until June 2002. Version 1.1, the XML version, was released in September 2002, with 1.1.1 following on September 11, 2002. After that, the project became a bit dormant until I took the reins in 2003 and started on a basically complete rewrite. I released v2.0 at Black Hat in late July 2005. I'm moderately sure version 3.0 was never released despite several attempts. I wrote an outline of the ToC, but there were no contributors at the time, and I was burned out. So things went dormant for nearly twenty years when a new team formed in early 2023 and started writing. Version 4.0 was a complete rewrite and released on May 6, 2024. The current version is 4.1.3.
at 1:28, we hear that "There was a real need to let folks know about all the different attacks.. " and it actually got used as: "This is how you hack web apps" How convenient for the cybersecurity industry that there were so many more hackers as a result. As much as they would like to pretend it was unintended, I think it was intended.
Just a quick note: the first authors of the Developer Guide were Mark Curphey, David Endler, William Hau, Steve Taylor, and Tim Smith. When I joined OWASP in November 2001, the first Developer Guide was one of the projects being talked about, but it wasn't released as 1.0 until June 2002.
Version 1.1, the XML version, was released in September 2002, with 1.1.1 following on September 11, 2002.
After that, the project became a bit dormant until I took the reins in 2003 and started on a basically complete rewrite.
I released v2.0 at Black Hat in late July 2005.
I'm moderately sure version 3.0 was never released despite several attempts. I wrote an outline of the ToC, but there were no contributors at the time, and I was burned out. So things went dormant for nearly twenty years when a new team formed in early 2023 and started writing.
Version 4.0 was a complete rewrite and released on May 6, 2024. The current version is 4.1.3.
at 1:28, we hear that "There was a real need to let folks know about all the different attacks.. " and it actually got used as: "This is how you hack web apps" How convenient for the cybersecurity industry that there were so many more hackers as a result.
As much as they would like to pretend it was unintended, I think it was intended.