﻿{"id":5138,"date":"2022-02-28T11:49:54","date_gmt":"2022-02-28T11:49:54","guid":{"rendered":"https:\/\/www.irandnn.ir\/mag\/?p=5138"},"modified":"2022-03-27T13:11:28","modified_gmt":"2022-03-27T13:11:28","slug":"owasp","status":"publish","type":"post","link":"https:\/\/www.irandnn.ir\/mag\/owasp\/","title":{"rendered":"OWASP \u0686\u06cc\u0633\u062a\u061f | \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u200c\u0647\u0627 \u0648 \u067e\u0631\u0648\u0698\u0647\u200c\u0647\u0627\u06cc \u0627\u0648\u0627\u0633\u067e"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\r\n<div class=\"ez-toc-title-container\">\r\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">\u0641\u0647\u0631\u0633\u062a \u0645\u0637\u0627\u0644\u0628<\/p>\r\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\r\n<nav><ul 
class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_%DA%86%DB%8C%D8%B3%D8%AA%D8%9F\" >OWASP \u0686\u06cc\u0633\u062a\u061f<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#%D8%AA%D8%A7%D8%B1%DB%8C%D8%AE%DA%86%D9%87_OWASP\" >\u062a\u0627\u0631\u06cc\u062e\u0686\u0647 OWASP<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#%D9%84%DB%8C%D8%B3%D8%AA_%D9%BE%D8%B1%D9%88%DA%98%D9%87%E2%80%8C_%D9%87%D8%A7%DB%8C_OWASP\" >\u0644\u06cc\u0633\u062a \u067e\u0631\u0648\u0698\u0647\u200c \u0647\u0627\u06cc OWASP<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_AMASS\" >OWASP AMASS<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_ASVS\" >OWASP ASVS<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Cheat_Sheet_Series\" >OWASP Cheat Sheet Series<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_CSRFGuard\" >OWASP CSRFGuard<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_CycloneDX\" >OWASP CycloneDX<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Defectdojo\" >OWASP Defectdojo<\/a><\/li><li 
class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Dependency-Check\" >OWASP Dependency-Check<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Dependency-Track\" >OWASP Dependency-Track<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Juice_Shop\" >OWASP Juice Shop<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Mobile_Security_Testing_Guide\" >OWASP Mobile Security Testing Guide<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_ModSecurity_Core_Rule_Set\" >OWASP ModSecurity Core Rule Set<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Nightingale\" >OWASP Nightingale<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_OWTF\" >OWASP OWTF<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_SAMM\" >OWASP SAMM<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Security_Knowledge_Framework\" >OWASP Security Knowledge Framework<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Security_Shepherd\" >OWASP Security Shepherd<\/a><\/li><li class='ez-toc-page-1 
ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Top_10\" >OWASP Top 10<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_Web_Security_Testing_Guide\" >OWASP Web Security Testing Guide<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-22\" href=\"https:\/\/www.irandnn.ir\/mag\/owasp\/#OWASP_ZAP\" >OWASP ZAP<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\r\n<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0645\u0637\u0627\u0644\u0639\u0647:<\/span> <span class=\"rt-time\"> 9<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span><h2><span class=\"ez-toc-section\" id=\"OWASP_%DA%86%DB%8C%D8%B3%D8%AA%D8%9F\"><\/span><strong>OWASP \u0686\u06cc\u0633\u062a\u061f<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>OWASP \u0645\u062e\u062a\u0635\u0631 Open Web Application Security Project\u060c \u0628\u0646\u06cc\u0627\u062f\u06cc \u063a\u06cc\u0631\u062f\u0648\u0644\u062a\u06cc \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0628\u0647\u0628\u0648\u062f \u0627\u0645\u0646\u06cc\u062a \u062f\u0631 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u200c\u0647\u0627 \u0634\u06a9\u0644 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a. 
OWASP \u06cc\u0627 \u0627\u0648\u0627\u0633\u067e \u062f\u0631 \u0648\u0627\u0642\u0639 \u067e\u0631\u0648\u0698\u0647\u200c\u0627\u06cc \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 (Open-source) \u0648 \u062c\u0627\u0645\u0639\u0647\u200c\u0628\u0627\u0632 (Open-Community) \u0627\u0633\u062a \u06a9\u0647 \u0628\u0648\u0627\u0633\u0637\u0647 \u0635\u062f\u0647\u0627 \u0641\u0635\u0644 \u0645\u062a\u0646 \u0648 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0632 \u0633\u0631\u0627\u0633\u0631 \u062c\u0647\u0627\u0646\u060c \u0647\u0645\u06a9\u0627\u0631\u06cc \u062f\u0647\u200c\u0647\u0627 \u0647\u0632\u0627\u0631 \u0646\u0641\u0631 \u0648 \u06a9\u0646\u0641\u0631\u0627\u0646\u0633\u200c\u0647\u0627\u06cc \u0622\u0645\u0648\u0632\u0634\u06cc \u0628\u0647 \u0645\u0646\u0628\u0639\u06cc \u0628\u0631\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0648 \u0645\u062a\u062e\u0635\u0635\u0627\u0646 \u0641\u0646\u200c\u0622\u0648\u0631\u06cc \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u062a\u0648\u0644\u06cc\u062f \u0648 \u0646\u06af\u0647\u062f\u0627\u0634\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u062a\u0628\u062f\u06cc\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n<p>\u0627\u0645\u0631\u0648\u0632\u0647 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u200c\u0647\u0627\u06cc \u0627\u0648\u0627\u0633\u067e\u060c \u0645\u0639\u06cc\u0627\u0631\u06cc \u0627\u0633\u062a \u0628\u0631\u0627\u06cc \u062a\u062e\u0645\u06cc\u0646 \u0648 \u0628\u0631\u0631\u0633\u06cc \u0645\u06cc\u0632\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062a\u062d\u062a \u0648\u0628 \u0648 \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0645\u0648\u0631\u062f \u062a\u0627\u06cc\u06cc\u062f \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0648 
\u0628\u0646\u06cc\u0627\u062f\u200c\u0647\u0627\u06cc \u0633\u0631\u0627\u0633\u0631 \u062c\u0647\u0627\u0646 \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u06cc\u0631\u0627\u0646 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<p>OWASP \u0628\u0647 \u062e\u0648\u062f\u06cc \u062e\u0648\u062f \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u0646\u06cc\u0633\u062a \u0628\u0644\u06a9\u0647 \u0635\u0631\u0641\u0627 \u06cc\u06a9 \u0645\u062a\u0648\u062f\u0648\u0644\u0648\u0698\u06cc \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0628\u062f\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0627\u0648\u0627\u0633\u067e \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0641\u0631\u0627\u06cc\u0646\u062f\u200c\u0647\u0627\u060c \u0631\u0648\u06cc\u0647\u200c\u0647\u0627 \u0648 \u0627\u06cc\u062f\u0647\u200c\u0647\u0627 \u0631\u0627 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0631\u0633\u06cc\u062f\u0646 \u0628\u0647 \u0647\u062f\u0641 \u062e\u0648\u062f \u06cc\u0639\u0646\u06cc \u0627\u0645\u0646\u200c\u0633\u0627\u0632\u06cc\u060c \u062f\u0631 \u062e\u0648\u062f \u062c\u0627\u06cc \u0645\u06cc\u200c\u062f\u0647\u062f. 
\u0648\u0644\u06cc \u0627\u06cc\u0646 \u0628\u062f\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0646\u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0627\u0648\u0627\u0633\u067e \u0647\u06cc\u0686 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u06cc \u0631\u0627 \u062f\u0631 \u062e\u0648\u062f \u062c\u0627\u06cc \u0646\u0645\u06cc\u200c\u062f\u0647\u062f. \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u0633\u0646\u0627\u062f \u0627\u0648\u0627\u0633\u067e \u0628\u0627 \u0646\u0627\u0645 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f (\u0645\u0627\u0646\u0646\u062f Application Security Verification Standard) \u0639\u0645\u0648\u0645\u06cc \u0645\u06cc\u200c\u0634\u0648\u0646\u062f \u0648 \u0628\u0631\u062e\u06cc \u062f\u06cc\u06af\u0631 \u0647\u0645 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u0646\u062f \u06a9\u0647 \u0627\u06af\u0631\u0686\u0647 \u0646\u0627\u0645 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u0631\u0648\u06cc \u062e\u0648\u062f \u0646\u062f\u0627\u0631\u0646\u062f \u0648\u0644\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0627\u0632 \u0622\u0646 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u0628\u0647\u0631\u0647 \u0645\u06cc\u200c\u06af\u06cc\u0631\u0646\u062f.<\/p>\n<blockquote><p>\u0633\u0627\u0632\u0645\u0627\u0646 OWASP \u06cc\u06a9 \u0633\u0627\u0632\u0645\u0627\u0646 \u0628\u0627 \u0633\u0627\u062e\u062a\u0627\u0631 \u0646\u0648\u06cc\u0646 \u0627\u0633\u062a. 
\u0627\u0633\u062a\u0642\u0644\u0627\u0644 \u0645\u0627 \u0627\u0632 \u0641\u0634\u0627\u0631\u0647\u0627\u06cc \u062a\u062c\u0627\u0631\u06cc\u060c \u0627\u0645\u06a9\u0627\u0646 \u0627\u0631\u0627\u0626\u0647\u200c\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0637\u0631\u0641\u0627\u0646\u0647\u060c \u0639\u0645\u0644\u06cc\u060c \u0648 \u0645\u0642\u0631\u0648\u0646 \u0628\u0647\u200c\u0635\u0631\u0641\u0647 \u062f\u0631\u0628\u0627\u0631\u0647\u200c\u06cc \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0631\u0627 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u0627\u06af\u0631\u0686\u0647 OWASP \u0627\u0632 \u0627\u0633\u062a\u0641\u0627\u062f\u0647\u200c\u06cc \u0622\u06af\u0627\u0647\u0627\u0646\u0647\u200c\u06cc \u0641\u0646\u0627\u0648\u0631\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062a\u062c\u0627\u0631\u06cc \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f\u060c \u0648\u0644\u06cc \u0647\u06cc\u0686 \u06af\u0648\u0646\u0647 \u0648\u0627\u0628\u0633\u062a\u06af\u06cc \u062d\u0642\u0648\u0642\u06cc \u0628\u0647 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u062a\u062c\u0627\u0631\u06cc \u0646\u062f\u0627\u0631\u062f. 
\u0645\u0624\u0633\u0633\u0647 OWASP \u06cc\u06a9 \u0645\u0648\u062c\u0648\u062f\u06cc\u062a \u06a9\u0627\u0645\u0644\u0627 \u063a\u06cc\u0631\u0627\u0646\u062a\u0641\u0627\u0639\u06cc \u0627\u0633\u062a.<\/p><\/blockquote>\n<p>\u0627\u06cc\u0646 \u0628\u0646\u062f \u062a\u0639\u0631\u06cc\u0641\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0627\u0648\u0627\u0633\u067e \u0627\u0632 \u062e\u0648\u062f \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0648 \u062e\u0648\u062f \u0631\u0627 \u0628\u062f\u0644\u06cc\u0644 \u062f\u0627\u0648\u0637\u0644\u0628\u0627\u0646\u0647 \u0628\u0648\u062f\u0646 \u067e\u0631\u0648\u0698\u0647 \u0627\u0632 \u0641\u0634\u0627\u0631\u200c\u0647\u0627\u06cc \u0645\u0627\u0644\u06cc \u0645\u0628\u0631\u0627 \u0645\u06cc\u200c\u0633\u0627\u0632\u062f.<\/p>\n<p>\u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0648 \u0645\u062a\u062e\u0635\u0635\u0627\u0646 \u0641\u0646\u0627\u0648\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0627 \u0628\u0631\u0631\u0633\u06cc \u0645\u0646\u0638\u0645 \u0627\u0633\u0646\u0627\u062f \u062a\u0648\u0644\u06cc\u062f \u0634\u062f\u0647 \u0627\u0648\u0627\u0633\u067e\u060c \u062e\u0648\u062f \u0631\u0627 \u062f\u0631 \u0628\u062d\u062b \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0648\u0632 \u0646\u06af\u0647\u200c \u062f\u0627\u0631\u0646\u062f \u0632\u06cc\u0631\u0627 \u06a9\u0647 \u0627\u06a9\u062b\u0631 \u0627\u0633\u0646\u0627\u062f \u0627\u0648\u0627\u0633\u067e \u0628\u0647 \u0635\u0648\u0631\u062a \u0633\u0627\u0644\u0627\u0646\u0647 \u0628\u0631\u0648\u0632 \u0634\u062f\u0647 \u0648 \u0628\u0631\u0627\u0633\u0627\u0633 \u0646\u062a\u0627\u06cc\u062c \u0622\u0645\u0627\u0631\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0648\u06cc\u0631\u0627\u06cc\u0634 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. 
\u0646\u0645\u0648\u0646\u0647 \u0627\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0627\u0633\u0646\u0627\u062f\u060c \u0633\u0646\u062f <a href=\"https:\/\/www.irandnn.ir\/mag\/owasp-top-10\/\">OWASP Top 10<\/a> \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u062a\u0627 6 \u0646\u0633\u062e\u0647 \u0627\u0632 \u0622\u0646 \u0639\u0645\u0648\u0645\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.<br \/>\n\u0628\u0627\u06cc\u062f \u062f\u0627\u0646\u0633\u062a \u06a9\u0647 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a \u0645\u0648\u0631\u062f \u0628\u062d\u062b\u060c \u0628\u0633\u06cc\u0627\u0631 \u0632\u06cc\u0627\u062f \u0627\u0633\u062a \u0648 \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u0647 \u06cc\u0627 \u0645\u062a\u062e\u0635\u0635 \u0628\u0627 \u0628\u0631\u0631\u0633\u06cc \u0627\u0633\u0646\u0627\u062f \u0642\u062f\u06cc\u0645\u06cc\u200c\u062a\u0631 \u0646\u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0627\u0646\u062f\u0627\u0632\u0647 \u06a9\u0627\u0641\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0627\u06cc \u0627\u0645\u0646 \u0631\u0627 \u0645\u062a\u0646\u0627\u0633\u0628 \u0628\u0627 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0631\u0648\u0632 \u062a\u0648\u0644\u06cc\u062f \u0646\u0645\u0627\u06cc\u062f. 
\u0628\u0647 \u0647\u0645\u06cc\u0646 \u062f\u0644\u06cc\u0644 \u0628\u0631\u0631\u0633\u06cc \u0645\u0646\u0638\u0645 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0627\u0645\u0631\u06cc \u0648\u0627\u062c\u0628 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%D8%AA%D8%A7%D8%B1%DB%8C%D8%AE%DA%86%D9%87_OWASP\"><\/span><strong>\u062a\u0627\u0631\u06cc\u062e\u0686\u0647 OWASP<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>\u0628\u0631\u0627\u06cc \u062f\u0627\u0634\u062a\u0646 \u06cc\u06a9 \u062a\u0627\u0631\u06cc\u062e\u0686\u0647 \u0627\u0632 \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627 \u0648 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0627\u0648\u0627\u0633\u067e \u0646\u06cc\u0627\u0632 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0633\u0627\u0644 2001 \u0628\u0631\u06af\u0631\u062f\u06cc\u0645. \u0646\u062e\u0633\u062a\u06cc\u0646 \u0628\u0627\u0631 \u062f\u0631 \u0627\u06cc\u0646 \u0633\u0627\u0644 \u0627\u0648\u0627\u0633\u067e \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u063a\u06cc\u0631 \u0631\u0633\u0645\u06cc \u0634\u0631\u0648\u0639 \u0628\u0647 \u062c\u0645\u0639\u200c\u0622\u0648\u0631\u06cc \u0631\u0648\u0634\u200c\u0647\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u0627\u06cc\u0645\u0646 \u0646\u0645\u0648\u062f \u0648 \u0641\u0639\u0627\u0644\u06cc\u062a \u062e\u0648\u062f \u0631\u0627 \u0622\u063a\u0627\u0632 \u06a9\u0631\u062f. 
\u062f\u0631 \u0627\u06cc\u0646 \u0632\u0645\u0627\u0646 \u0627\u0648\u0627\u0633\u067e \u0628\u0647 \u0627\u06cc\u0646 \u0634\u062f\u062a \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0646\u0628\u0648\u062f \u0648 \u0647\u0646\u0648\u0632 \u062f\u0631 \u062f\u06cc\u062f \u0639\u0645\u0648\u0645 \u0645\u0639\u062a\u0628\u0631 \u062e\u0648\u0627\u0646\u062f\u0647 \u0646\u0645\u06cc\u200c\u0634\u062f.<br \/>\n\u062f\u0631 \u0633\u0627\u0644 2004\u060c OWASP \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0633\u0627\u0632\u0645\u0627\u0646 \u063a\u06cc\u0631\u062f\u0648\u0644\u062a\u06cc \u062b\u0628\u062a \u06af\u0631\u062f\u06cc\u062f \u0648 \u0634\u0631\u0648\u0639 \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0631\u0633\u0645\u06cc \u062e\u0648\u062f \u0631\u0627 \u0627\u0632 \u0627\u06cc\u0646 \u0633\u0627\u0644 \u0622\u063a\u0627\u0632 \u0646\u0645\u0648\u062f. \u0627\u06cc\u0646 \u0633\u0627\u0632\u0645\u0627\u0646 \u06a9\u0647 \u062f\u0631 \u067e\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0645\u0639\u0645\u0648\u0644 \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0628\u0648\u062f\u060c \u0631\u0641\u062a\u0647 \u0631\u0641\u062a\u0647 \u0634\u0646\u0627\u062e\u062a\u0647\u200c\u062a\u0631 \u0634\u062f \u0648 \u0642\u062f\u0631\u062a \u06af\u0631\u0641\u062a. \u062f\u0631 \u0648\u0627\u0642\u0639 \u0627\u06cc\u0646 \u0627\u0648\u0644\u06cc\u0646 \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f\u0633\u0627\u0632\u06cc \u0634\u06cc\u0648\u0647\u200c\u0647\u0627\u06cc \u06a9\u062f\u0646\u0648\u06cc\u0633\u06cc \u0627\u06cc\u0645\u0646 \u0628\u0648\u062f. 
\u0627\u06cc\u0646 \u06cc\u0639\u0646\u06cc \u0627\u0648\u0627\u0633\u067e \u062a\u0628\u062f\u06cc\u0644 \u0628\u0647 \u0627\u0648\u0644\u06cc\u0646 \u0633\u0627\u0632\u0645\u0627\u0646 \u0628\u06cc\u0637\u0631\u0641 \u0628\u0627 \u0631\u0648\u06cc\u06a9\u0631\u062f\u06cc \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0631\u06cc\u0633\u06a9 \u0634\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0628\u0647 \u0647\u0631 \u0634\u0631\u06a9\u062a \u06cc\u0627 \u0633\u0627\u0632\u0645\u0627\u0646\u06cc \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.<br \/>\n\u0642\u0627\u0628\u0644 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u062c\u0641 \u0648\u06cc\u0644\u06cc\u0627\u0645\u0632 \u0627\u0632 \u0647\u0645\u06cc\u0646 \u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0628\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0635\u0648\u0631\u062a \u062f\u0627\u0648\u0637\u0644\u0628\u0627\u0646\u0647 \u0631\u06cc\u0627\u0633\u062a \u0647\u06cc\u0626\u062a \u0645\u062f\u06cc\u0631\u0647 \u0627\u0648\u0627\u0633\u067e \u0631\u0627 \u0642\u0628\u0648\u0644 \u06a9\u0631\u062f \u0648 \u0628\u0647 \u0639\u0647\u062f\u0647 \u06af\u0631\u0641\u062a.<br \/>\n\u062f\u0631 \u0633\u0627\u0644 2015 \u0631\u06cc\u0627\u0633\u062a \u0647\u06cc\u0626\u062a \u0645\u062f\u06cc\u0631\u0647 \u0627\u0648\u0627\u0633\u067e \u062a\u0648\u0633\u0637 \u0645\u062a \u06a9\u0648\u0646\u062f\u0627 \u0642\u0628\u0648\u0644 \u0634\u062f \u0648 \u0627\u06cc\u0634\u0627\u0646 \u0627\u06cc\u0646 \u0639\u0646\u0648\u0627\u0646 \u0631\u0627 \u062a\u0627 \u0633\u0627\u0644 2018 \u0627\u062f\u0627\u0631\u0647 \u0646\u0645\u0648\u062f\u0646\u062f.<br \/>\n\u0645\u062f\u06cc\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 OWASP \u0622\u0642\u0627\u06cc \u0627\u0646\u062f\u0631\u0648 \u0648\u0646 \u062f\u0631 \u0627\u0633\u062a\u0627\u06a9 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0627\u0632 
\u0633\u0627\u0644 2018 \u0641\u0639\u0627\u0644\u06cc\u062a \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0627\u06cc\u0646 \u0639\u0646\u0648\u0627\u0646 \u0622\u063a\u0627\u0632 \u0646\u0645\u0648\u062f\u0647 \u0627\u0633\u062a. \u0642\u0627\u0628\u0644 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0627\u0648\u0627\u0633\u067e \u062f\u0631 \u06a9\u0634\u0648\u0631 \u0628\u0644\u0698\u06cc\u06a9 \u062a\u062d\u062a \u0646\u0627\u0645 OWASP Europe VZW \u062b\u0628\u062a \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%D9%84%DB%8C%D8%B3%D8%AA_%D9%BE%D8%B1%D9%88%DA%98%D9%87%E2%80%8C_%D9%87%D8%A7%DB%8C_OWASP\"><\/span><strong>\u0644\u06cc\u0633\u062a \u067e\u0631\u0648\u0698\u0647\u200c \u0647\u0627\u06cc OWASP<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_AMASS\"><\/span><strong>OWASP AMASS<br \/>\n<img decoding=\"async\" class=\"aligncenter wp-image-5176\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/amass-help-1.jpg\" alt=\"OWASP\" width=\"713\" height=\"340\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/amass-help-1.jpg 661w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/amass-help-1-300x143.jpg 300w\" sizes=\"(max-width: 713px) 100vw, 713px\" \/><br \/>\n<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\u067e\u0631\u0648\u0698\u0647 OWASP Amass \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u062a\u0648\u0633\u0639\u0647 \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 \u062c\u0647\u062a \u0646\u0642\u0634\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0634\u0628\u06a9\u0647\u200c\u0627\u06cc \u0627\u0632 \u0633\u0637\u0648\u062d \u0645\u062e\u062a\u0644\u0641 \u062d\u0645\u0644\u0647 \u0648 \u06a9\u0634\u0641 \u062f\u0627\u0631\u0627\u06cc\u06cc\u200c\u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 
\u062a\u06a9\u0646\u06cc\u06a9\u200c\u0647\u0627\u06cc \u062c\u0645\u0639\u200c\u0622\u0648\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 (open source information gathering) \u0648 \u062a\u06a9\u0646\u06cc\u06a9\u200c\u0647\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0641\u0639\u0627\u0644 (active reconnaissance techniques) \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f.<br \/>\n\u0627\u06cc\u0646 \u062a\u06a9\u0646\u06cc\u06a9\u200c\u0647\u0627 \u0634\u0627\u0645\u0644 \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0645\u06cc\u200c\u0628\u0627\u0634\u0646\u062f.<\/p>\n<table>\n<tbody>\n<tr>\n<td style=\"text-align: center;\"><strong><em>\u062a\u06a9\u0646\u06cc\u06a9<\/em><\/strong><\/td>\n<td style=\"text-align: center;\"><strong>\u0645\u0646\u0627\u0628\u0639 \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\"><em>DNS<\/em><\/td>\n<td>Brute forcing, Reverse DNS sweeping, NSEC zone walking, Zone transfers, FQDN alterations\/permutations, FQDN Similarity-based Guessing<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\"><em>Scraping<\/em><\/td>\n<td>AbuseIPDB, Ask, AskDNS, Baidu, Bing, DNSDumpster, DuckDuckGo, Gists, HackerOne, HyperStat, IPv4Info, PKey, RapidDNS, Riddler, Searchcode, Searx, SiteDossier, SpyOnWeb, Yahoo<\/td>\n<\/tr>\n<tr>\n<td><em>Certificates<\/em><\/td>\n<td>Active pulls (optional), Censys, CertSpotter, Crtsh, Digitorus, FacebookCT, GoogleCT<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\"><em>APIs<\/em><\/td>\n<td>360PassiveDNS, ARIN, Ahrefs, AlienVault, AnubisDB, BinaryEdge, BGPView, BufferOver, BuiltWith, C99, Chaos, CIRCL, Cloudflare, CommonCrawl, DNSDB, DNSlytics, DNSRepo, Detectify, FOFA, FullHunt, GitHub, GitLab, Greynoise, HackerTarget, Hunter, IntelX, IPdata, IPinfo, Maltiverse, Mnemonic, N45HT, NetworksDB, ONYPHE, PassiveTotal, PentestTools, Quake, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, 
SonarSearch, Spamhaus, Spyse, Sublist3rAPI, TeamCymru, ThreatBook, ThreatCrowd, ThreatMiner, Twitter, Umbrella, URLScan, VirusTotal, WhoisXMLAPI, ZETAlytics, ZoomEye<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\"><em>Web Archives<\/em><\/td>\n<td>ArchiveIt, Arquivo, HAW, UKWebArchive, Wayback<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_ASVS\"><\/span><strong>OWASP ASVS<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>OWASP Application Security Verification Standard \u06a9\u0647 \u0628\u0647 \u0645\u062e\u062a\u0635\u0631 \u0628\u0647 \u0635\u0648\u0631\u062a ASVS \u0647\u0645 \u0627\u0632 \u0622\u0646 \u06cc\u0627\u062f \u0645\u06cc\u200c\u0634\u0648\u062f \u0628\u0627 \u0647\u062f\u0641 \u062a\u0648\u0644\u06cc\u062f \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0628\u0627\u0632 (open application security standard) \u0628\u0631\u0627\u06cc \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627 \u0648 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0648\u0628\u06cc \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f.<br \/>\n\u0627\u06cc\u0646 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u0645\u0628\u0646\u0627\u06cc\u06cc \u0627\u0633\u062a \u0628\u0631\u0627\u06cc \u0637\u0631\u0627\u062d\u06cc\u060c \u0633\u0627\u062e\u062a \u0648 \u0622\u0632\u0645\u0627\u06cc\u0634 \u06a9\u0646\u062a\u0631\u0644\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c ( \u0627\u0632 \u062c\u0645\u0644\u0647 \u0645\u0639\u0645\u0627\u0631\u06cc\u060c \u0686\u0631\u062e\u0647 \u0639\u0645\u0631 \u062a\u0648\u0633\u0639\u0647 \u0627\u0645\u0646 \u06cc\u0627 secure development lifecycle\u060c \u0645\u062f\u0644 \u0633\u0627\u0632\u06cc \u062a\u0647\u062f\u06cc\u062f \u0648 \u0627\u0644\u0645\u0627\u0646\u200c\u0647\u0627\u06cc agile security ).<\/p>\n<h4><span 
class=\"ez-toc-section\" id=\"OWASP_Cheat_Sheet_Series\"><\/span><strong>OWASP Cheat Sheet Series<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"alignnone wp-image-5185 size-large\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-1024x790.png\" alt=\"OWASP Cheat Sheet Series\" width=\"1024\" height=\"790\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-1024x790.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-300x231.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-768x592.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-1536x1185.png 1536w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Preface_Cheatsheet_Logo-2048x1580.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>OWASP Cheat Sheet Series \u067e\u0631\u0648\u0698\u0647\u200c\u0627\u06cc \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u06a9\u0645\u06a9 \u0631\u0633\u0627\u0646\u06cc \u0628\u0647 \u0639\u062f\u0645 \u0641\u0631\u0627\u0645\u0648\u0634\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u0644\u0639\u0645\u0644\u200c\u0647\u0627 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<br \/>\n\u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u0627\u0632 \u0646\u0627\u0645 \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u067e\u06cc\u062f\u0627 \u0627\u0633\u062a \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0628\u0631\u06af\u0647\u200c\u0647\u0627\u06cc \u062a\u0642\u0644\u0628 \u0627\u0633\u062a.<br \/>\n\u0634\u0645\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u0631\u0627 \u0627\u0632 \u06af\u06cc\u062a\u200c\u0647\u0627\u0628 \u062f\u0627\u0646\u0644\u0648\u062f 
\u0648 \u0633\u067e\u0633 \u0628\u06cc\u0644\u062f (Build) \u0646\u0645\u0627\u06cc\u06cc\u062f \u0648 \u06cc\u0627 \u0646\u0633\u062e\u0647 \u0628\u06cc\u0644\u062f \u0634\u062f\u0647 \u0622\u0646 \u0631\u0627 \u0627\u0632 <a href=\"https:\/\/owasp.org\/www-project-cheat-sheets\/\" target=\"_blank\" rel=\"noopener\">\u0635\u0641\u062d\u0647 \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647<\/a> \u062f\u0627\u0646\u0644\u0648\u062f \u0646\u0645\u0627\u06cc\u06cc\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_CSRFGuard\"><\/span><strong>OWASP CSRFGuard<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\u0647\u0645\u0627\u0646\u0637\u0648\u0631 \u06a9\u0647 \u0627\u0632 \u0646\u0627\u0645 \u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0641\u0647\u0645\u06cc\u062f \u067e\u0631\u0648\u0698\u0647 CSRFGuard \u0628\u0627 \u0647\u062f\u0641 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a CSRF \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.<br \/>\n\u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647\u200c\u0627\u06cc \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0646\u0648\u0639\u06cc \u0627\u0644\u06af\u0648\u06cc \u062a\u0648\u06a9\u0646 \u0647\u0645\u06af\u0627\u0645\u200c\u0633\u0627\u0632 (Synchronizer Token Pattern) \u0631\u0627 \u067e\u06cc\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f.<\/p>\n<div class=\"bs-shortcode-alert alert alert-info\"><strong>\u0628\u0631\u0627\u06cc \u062e\u0648\u0627\u0646\u062f\u0646 \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0627\u0647\u0645\u06cc\u062a \u062a\u0648\u06a9\u0646\u200c\u0647\u0627\u06cc CSRF \u0648 \u062d\u0645\u0644\u0627\u062a CSRF <a href=\"https:\/\/www.irandnn.ir\/mag\/what-is-a-csrf-vulnerability\/\">\u0627\u06cc\u0646 \u0645\u0637\u0644\u0628<\/a> \u0631\u0627 
\u0628\u062e\u0648\u0627\u0646\u06cc\u062f.<\/strong><\/div>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_CycloneDX\"><\/span><strong>OWASP CycloneDX<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"alignnone wp-image-5190 size-large\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CycloneDX-Twitter-Card-1024x512.png\" alt=\"CycloneDX\" width=\"1024\" height=\"512\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CycloneDX-Twitter-Card-1024x512.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CycloneDX-Twitter-Card-300x150.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CycloneDX-Twitter-Card-768x384.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CycloneDX-Twitter-Card.png 1500w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>\u0627\u0645\u0631\u0648\u0632\u0647 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u200c\u0647\u0627\u06cc \u0645\u062f\u0631\u0646 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u062c\u0632\u0627\u06cc \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0648 \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0645\u0648\u0646\u062a\u0627\u0698 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. 
\u0627\u062c\u0632\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627 \u0628\u0627 \u0631\u0648\u0634\u200c\u0647\u0627\u06cc\u06cc \u067e\u06cc\u0686\u06cc\u062f\u0647 \u0648 \u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f\u06cc \u0628\u0647 \u0647\u0645 \u0686\u0633\u0628\u06cc\u062f\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f \u0648 \u0627\u062c\u0632\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc \u0628\u0627 \u06a9\u062f \u0627\u0635\u0644\u06cc \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u062a\u0627 \u0646\u06cc\u0627\u0632 \u0648 \u0647\u062f\u0641 \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062a\u0627\u0645\u06cc\u0646 \u0634\u0648\u062f. \u062f\u0627\u0646\u0633\u062a\u0646 \u062f\u0642\u06cc\u0642 \u0648 \u062f\u0627\u0634\u062a\u0646 \u0644\u06cc\u0633\u062a\u06cc \u0627\u0632 \u062a\u0645\u0627\u0645\u06cc \u0627\u06cc\u0646 \u062c\u0632\u0621\u200c\u0647\u0627\u060c \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0631\u0627 \u0642\u0627\u062f\u0631 \u0645\u06cc\u200c\u0633\u0627\u0632\u062f \u062a\u0627 \u0631\u06cc\u0633\u06a9\u200c\u0647\u0627 \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u062e\u0637\u0631\u0627\u062a \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0631\u0627 \u067e\u0648\u0634\u0634 \u062f\u0647\u0646\u062f. \u0627\u06cc\u0646 \u0645\u0648\u0636\u0648\u0639 \u0634\u0641\u0627\u0641\u06cc\u062a \u0631\u0627 \u0628\u06cc\u0634\u062a\u0631 \u0648 \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0633\u0631\u06cc\u0639\u200c\u062a\u0631 \u0631\u0627 \u0645\u0645\u06a9\u0646 \u0645\u06cc\u200c\u06a9\u0646\u062f.<br \/>\n\u0647\u062f\u0641 \u067e\u0631\u0648\u0698\u0647 OWASP CycloneDX \u0627\u0646\u062c\u0627\u0645 \u0627\u06cc\u0646 \u0645\u0647\u0645 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f. 
\u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f SBOM \u06cc\u0627 Software Bill of Materials \u0633\u0628\u06a9 \u0648\u0632\u0646 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u0632\u0645\u06cc\u0646\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627 \u0648 \u0627\u0646\u062c\u0627\u0645 \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u062a\u0645\u0627\u0645 \u0627\u062c\u0632\u0627\u06cc \u06cc\u06a9 \u0628\u0631\u0646\u0627\u0645\u0647\u060c \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Defectdojo\"><\/span><strong>OWASP Defectdojo<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>OWASP Defectdojo \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc (vulnerability management) \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0641\u0631\u0627\u06cc\u0646\u062f \u0622\u0632\u0645\u0627\u06cc\u0634 \u0645\u0648\u0627\u0631\u062f\u06cc \u0645\u0627\u0646\u0646\u062f \u0627\u0631\u0627\u0626\u0647 \u062f\u0627\u062f\u0646 \u0627\u0644\u06af\u0648\u060c \u062a\u0648\u0644\u06cc\u062f \u06af\u0632\u0627\u0631\u0634\u060c \u0645\u0639\u06cc\u0627\u0631 \u0648 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0633\u0644\u0641 \u0633\u0631\u0648\u06cc\u0633 \u067e\u0627\u06cc\u0647\u200c\u0627\u06cc (baseline self-service) \u0631\u0627 \u0633\u0627\u062f\u0647 \u0645\u06cc\u200c\u0646\u0645\u0627\u06cc\u062f.<br \/>\nDefectDojo \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 \u06cc\u0627 \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc 
\u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0632\u0628\u0627\u0646 \u067e\u0627\u06cc\u062a\u0648\u0646 \u062a\u0648\u0633\u0639\u0647 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u062f\u0631 \u0633\u0627\u0644 2013 \u0634\u0631\u0648\u0639 \u0648 \u062f\u0631 \u0633\u0627\u0644 2015 \u0628\u0635\u0648\u0631\u062a \u0645\u0646\u0628\u0639 \u0628\u0627\u0632 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f. \u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0647\u0634 \u062f\u0631\u062f\u0633\u0631\u0647\u0627\u06cc \u0628\u0647\u06cc\u0646\u0647\u200c\u0633\u0627\u0632\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u06cc\u0627 vulnerability tracking optimization \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f \u0648 \u0647\u062f\u0641 \u0627\u0635\u0644\u06cc \u0622\u0646 \u06a9\u0627\u0647\u0634 \u0632\u0645\u0627\u0646 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0628\u0631\u0627\u06cc \u0644\u0627\u06af \u06a9\u0631\u062f\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062a\u0648\u0633\u0637 \u0645\u062a\u062e\u0635\u0635\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Dependency-Check\"><\/span><strong>OWASP Dependency-Check<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"wp-image-5192 size-large aligncenter\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc-1024x323.jpg\" alt=\"OWASP Dependency Check\" width=\"1024\" height=\"323\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc-1024x323.jpg 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc-300x95.jpg 300w, 
https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc-768x242.jpg 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc-1536x484.jpg 1536w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dc.jpg 1858w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Dependency-Check \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 SCA \u06cc\u0627 \u0647\u0645\u0627\u0646 Software Composition Analysis \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u062a\u0644\u0627\u0634 \u0645\u06cc\u200c\u06a9\u0646\u062f \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u0641\u0634\u0627 \u0634\u062f\u0647 \u0648 \u0639\u0645\u0648\u0645\u06cc \u0645\u0648\u062c\u0648\u062f \u062f\u0631 dependency \u0647\u0627\u06cc \u06cc\u06a9 \u067e\u0631\u0648\u0698\u0647 \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0646\u0645\u0627\u06cc\u062f.<br \/>\n\u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u0647\u062f\u0641 \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u062a\u0639\u06cc\u06cc\u0646 \u0627\u06cc\u0646\u06a9\u0647 \u0622\u06cc\u0627 \u06cc\u06a9 CPE \u06cc\u0627 Common Platform Enumeration \u0628\u0631\u0627\u06cc \u06cc\u06a9 dependency \u0645\u0634\u062e\u0635 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06cc\u0627 \u0646\u0647\u060c \u0645\u062d\u0642\u0642 \u0645\u06cc\u200c\u0646\u0645\u0627\u06cc\u062f. 
\u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u0628\u0631\u0627\u06cc \u06cc\u06a9 dependency \u06cc\u06a9 CPE \u06cc\u0627\u0641\u062a \u0634\u0648\u062f \u06af\u0632\u0627\u0631\u0634\u06cc \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u0648 \u062f\u0631 \u0622\u0646 \u0634\u0645\u0627 \u0631\u0627 \u0628\u0647 \u0648\u0631\u0648\u062f\u06cc CVE \u0645\u0631\u062a\u0628\u0637 \u0627\u0646\u062a\u0642\u0627\u0644 \u0645\u06cc\u200c\u062f\u0647\u062f<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Dependency-Track\"><\/span><strong>OWASP Dependency-Track<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-5194 size-large\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-1024x183.png\" alt=\"OWASP Dependency-Track\" width=\"1024\" height=\"183\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-1024x183.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-300x54.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-768x137.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-1536x274.png 1536w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/dt-logo-white-text-2048x366.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Dependency-Track \u06cc\u06a9 \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0648\u0634\u0645\u0646\u062f \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 Component \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0628\u0647 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u0631\u06cc\u0633\u06a9 \u0631\u0627 \u062f\u0631 \u0632\u0646\u062c\u06cc\u0631\u0647 \u062a\u0627\u0645\u06cc\u0646 (supply chain) 
\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u06a9\u0627\u0647\u0634 \u062f\u0647\u062f. Dependency-Track \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0627\u0628\u0632\u0627\u0631 SBOM \u0631\u0648\u06cc\u06a9\u0631\u062f\u06cc \u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f \u0648 \u0628\u0633\u06cc\u0627\u0631 \u0633\u0648\u062f\u0645\u0646\u062f \u0631\u0627 \u062f\u0631 \u067e\u06cc\u0634 \u0645\u06cc\u200c\u06af\u06cc\u0631\u062f. \u0627\u06cc\u0646 \u0631\u0648\u06cc\u06a9\u0631\u062f \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc\u06cc \u0631\u0627 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0631\u0627\u0647\u200c\u062d\u0644\u200c\u0647\u0627\u06cc \u0633\u0646\u062a\u06cc SCA \u0646\u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0622\u0646 \u062f\u0633\u062a \u06cc\u0627\u0628\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Juice_Shop\"><\/span><strong>OWASP Juice Shop<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"alignleft wp-image-5195 \" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/JuiceShop_Logo_100px.png\" alt=\"OWASP Juice Shop\" width=\"237\" height=\"275\" \/><\/p>\n<p>Juice Shop \u067e\u0631\u0648\u0698\u0647\u200c\u0627\u06cc \u06a9\u0647 \u0628\u0631\u0627\u06cc \u062a\u0645\u0631\u06cc\u0646\u060c \u062a\u0648\u0633\u0639\u0647 \u0641\u0631\u062f\u06cc \u0648 \u0627\u0646\u062c\u0627\u0645 \u0622\u0632\u0645\u0627\u06cc\u0634\u0627\u062a \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.<br \/>\nJuice Shop \u06cc\u06a9 \u0641\u0631\u0648\u0634\u06af\u0627\u0647 \u0646\u0627\u0627\u0645\u0646 \u0627\u0646\u0644\u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0641\u0636\u0627\u06cc\u06cc \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 
\u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0641\u0631\u0627\u06cc\u0646\u062f\u200c\u0647\u0627\u06cc\u06cc \u0645\u0627\u0646\u0646\u062f \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0648 \u06cc\u0627 \u062a\u0633\u062a \u0627\u0628\u0632\u0627\u0631\u200c\u0647\u0627\u06cc \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u06cc\u0627 vulnerability assessment \u0631\u0627 \u0622\u0632\u0645\u0627\u06cc\u0634 \u0646\u0645\u0627\u06cc\u06cc\u062f.<br \/>\n\u0627\u06cc\u0646 CTF \u0634\u0627\u0645\u0644 \u062a\u0645\u0627\u0645 <a href=\"https:\/\/www.irandnn.ir\/mag\/owasp-top-10\/\">10 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u062a\u0631 OWASP<\/a> \u0648 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u062f\u06cc\u06af\u0631 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f. \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062f\u0646\u06cc\u0627\u06cc \u0648\u0627\u0642\u0639\u06cc \u06cc\u0627\u0641\u062a \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Mobile_Security_Testing_Guide\"><\/span><strong>OWASP Mobile Security Testing Guide<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\" wp-image-5199 alignleft\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/mstg-cover-release-small-227x300.jpg\" alt=\"MSTG\" width=\"295\" height=\"390\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/mstg-cover-release-small-227x300.jpg 227w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/mstg-cover-release-small.jpg 300w\" sizes=\"(max-width: 295px) 100vw, 295px\" \/><\/p>\n<p>Mobile Security 
Testing Guide \u06a9\u0647 \u0628\u0647 \u0645\u062e\u062a\u0635\u0631 \u0628\u0647 \u0635\u0648\u0631\u062a MSTG \u06cc\u0627\u062f \u0645\u06cc\u200c\u0634\u0648\u062f \u062f\u0641\u062a\u0631\u0686\u0647 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc \u062c\u0627\u0645\u0639 \u0628\u0631\u0627\u06cc \u062a\u0633\u062a \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u062a\u0644\u0641\u0646 \u0647\u0645\u0631\u0627\u0647 \u0648 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u0645\u0647\u0646\u062f\u0633\u06cc \u0645\u0639\u06a9\u0648\u0633 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0648 \u062a\u0633\u062a\u0631\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc Android \u0648 iOS \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<br \/>\n\u0645\u062d\u062a\u0648\u0627\u200c\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0634\u0645\u0627 \u062f\u0631 \u0627\u06cc\u0646 \u0631\u0627\u0647\u0646\u0645\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u062e\u0648\u0627\u0646\u06cc\u062f \u0639\u0628\u0627\u0631\u062a \u0627\u0646\u062f \u0627\u0632:<\/p>\n<ul>\n<li>\u067e\u0644\u062a\u0641\u0631\u0645\u200c\u0647\u0627\u06cc \u062f\u0627\u062e\u0644\u06cc \u0645\u0648\u0628\u0627\u06cc\u0644<\/li>\n<li>\u0622\u0632\u0645\u0627\u06cc\u0634\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 \u0686\u0631\u062e\u0647 \u0639\u0645\u0631 \u062a\u0648\u0633\u0639\u0647 \u0628\u0631\u0646\u0627\u0645\u0647 \u0645\u0648\u0628\u0627\u06cc\u0644<\/li>\n<li>\u0622\u0632\u0645\u0627\u06cc\u0634\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647 \u0635\u0648\u0631\u062a \u067e\u0648\u06cc\u0627 \u0648 \u0627\u06cc\u0633\u062a\u0627<\/li>\n<li>\u0645\u0647\u0646\u062f\u0633\u06cc \u0645\u0639\u06a9\u0648\u0633 \u0648 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc 
\u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0645\u0648\u0628\u0627\u06cc\u0644<\/li>\n<li>\u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062d\u0641\u0627\u0638\u062a\u200c\u0647\u0627\u06cc \u067e\u06cc\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc \u0634\u062f\u0647 \u0631\u0648\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631<\/li>\n<li>\u0645\u0648\u0627\u0631\u062f\u06cc \u0645\u0641\u0635\u0644 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0622\u0632\u0645\u0627\u06cc\u0634 \u0645\u0637\u0627\u0628\u0642 \u0628\u0627 \u0627\u0644\u0632\u0627\u0645\u0627\u062a MASVS<\/li>\n<\/ul>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_ModSecurity_Core_Rule_Set\"><\/span><strong>OWASP ModSecurity Core Rule Set<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-5204 size-full\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CRS-logo-full_size-512x257-1.png\" alt=\"OWASP ModSecurity Core Rule Set\" width=\"512\" height=\"257\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CRS-logo-full_size-512x257-1.png 512w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/CRS-logo-full_size-512x257-1-300x151.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/p>\n<p>ModSecurity Core Rule Set \u0648 \u0628\u0647 \u0645\u062e\u062a\u0635\u0631 ModSecurity CRS \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0642\u0648\u0627\u0646\u06cc\u0646 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u062d\u0645\u0644\u0627\u062a \u0639\u0645\u0648\u0645\u06cc \u0648 \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0628\u0627 ModSecurity \u06cc\u0627 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 
\u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<br \/>\n\u0647\u062f\u0641 CRS \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u0637\u06cc\u0641 \u06af\u0633\u062a\u0631\u062f\u0647\u200c\u0627\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 <a href=\"https:\/\/www.irandnn.ir\/mag\/owasp-top-10\/\">\u062f\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u062a\u0631 OWASP<\/a> \u0628\u0627 \u062a\u0645\u0631\u06a9\u0632 \u0628\u0631 \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u06cc \u0647\u0634\u062f\u0627\u0631\u200c\u0647\u0627\u06cc \u0646\u0627\u062f\u0631\u0633\u062a \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Nightingale\"><\/span><strong>OWASP Nightingale<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-5206 size-large\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Nightingale-1024x475.png\" alt=\"OWASP Nightingale\" width=\"1024\" height=\"475\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Nightingale-1024x475.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Nightingale-300x139.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Nightingale-768x356.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/Nightingale.png 1500w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<div class=\"bs-shortcode-alert alert alert-info\">\n<p><strong>\u0628\u0631\u0627\u06cc \u062f\u0631\u06a9 \u0628\u0647\u062a\u0631 \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647 \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0627\u0648\u0644 \u0628\u0647\u062a\u0631 \u0627\u0633\u062a 
\u0628\u062f\u0627\u0646\u06cc\u062f <a href=\"https:\/\/www.irandnn.ir\/mag\/what-is-docker\/\">\u062f\u0627\u06a9\u0631 \u0686\u06cc\u0633\u062a<\/a>.<\/strong><\/p>\n<\/div>\n<p>\u062f\u0631 \u0633\u0627\u062f\u0647\u200c\u062a\u0631\u06cc\u0646 \u062a\u0639\u0631\u06cc\u0641 \u067e\u0631\u0648\u0698\u0647 Nightingale \u06cc\u06a9 Docker image \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<br \/>\nNightingale \u0634\u0627\u0645\u0644 \u062a\u0645\u0627\u0645\u06cc \u0627\u0628\u0632\u0627\u0631\u200c\u0647\u0627\u06cc \u0645\u0639\u0631\u0648\u0641 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0628\u0631\u0627\u06cc \u06cc\u06a9 \u067e\u0646 \u062a\u0633\u062a\u0631 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u062f\u0631 \u0632\u0645\u0627\u0646 \u062a\u0633\u062a \u0628\u0647 \u0622\u0646 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u062f.<br \/>\n\u0644\u06cc\u0633\u062a \u0627\u0628\u0632\u0627\u0631\u200c\u0647\u0627\u06cc \u0627\u06cc\u0646 Docker image \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 <a href=\"https:\/\/owasp.org\/www-project-nightingale\/\" target=\"_blank\" rel=\"noopener\">\u0635\u0641\u062d\u0647 \u0627\u06cc\u0646 \u067e\u0631\u0648\u0698\u0647<\/a> \u0645\u0634\u0627\u0647\u062f\u0647 \u0641\u0631\u0645\u0627\u06cc\u06cc\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_OWTF\"><\/span><strong>OWASP OWTF<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\u062f\u0631 \u0633\u0627\u062f\u0647 \u062a\u0631\u06cc\u0646 \u062a\u0639\u0631\u06cc\u0641 \u0647\u062f\u0641 OWTF \u0627\u0646\u062c\u0627\u0645 \u0622\u0632\u0645\u0648\u0646 \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0628\u0627 \u0648\u06cc\u0698\u06af\u06cc\u200c\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0627\u0633\u062a:<\/p>\n<ul>\n<li>\u0647\u0645\u0631\u0627\u0633\u062a\u0627 
\u0628\u0627 OTG\u060c PTES \u0648 NIST<\/li>\n<li>\u06a9\u0627\u0631\u0622\u0645\u062f<\/li>\n<li>\u0641\u0631\u0627\u06af\u06cc\u0631\u062a\u0631<\/li>\n<li>\u062e\u0644\u0627\u0642\u0627\u0646\u0647 \u0648 \u0633\u0631\u06af\u0631\u0645 \u06a9\u0646\u0646\u062f\u0647 \u062a\u0631 (\u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u06a9\u0627\u0631 \u063a\u06cc\u0631 \u062e\u0644\u0627\u0642\u0627\u0646\u0647)<\/li>\n<\/ul>\n<p>\u0648 \u0628\u0647 \u0637\u0648\u0631\u06cc \u0628\u0627\u0634\u062f \u06a9\u0647 \u067e\u0646 \u062a\u0633\u062a\u0631 \u0632\u0645\u0627\u0646 \u0628\u06cc\u0634\u062a\u0631\u06cc \u0628\u0631\u0627\u06cc \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f:<\/p>\n<ul>\n<li>\u062a\u0641\u06a9\u0631 \u062e\u0627\u0631\u062c \u0627\u0632 \u062c\u0639\u0628\u0647 (Thinking Out of the box)<\/li>\n<li>\u06a9\u0634\u0641 \u0648 \u062a\u0631\u06a9\u06cc\u0628 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0647 \u0635\u0648\u0631\u062a \u0645\u0648\u062b\u0631\u062a\u0631<\/li>\n<li>\u062f\u0627\u0634\u062a\u0646 \u0632\u0645\u0627\u0646 \u0628\u06cc\u0634\u062a\u0631 \u0628\u0631\u0627\u06cc \u0628\u0631\u0631\u0633\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u067e\u06cc\u0686\u06cc\u062f\u0647 \u0645\u0627\u0646\u0646\u062f \u0645\u0646\u0637\u0642 \u06a9\u0633\u0628 \u0648 \u06a9\u0627\u0631 (business logic)\u060c \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0645\u0639\u0645\u0627\u0631\u06cc (architectural flaws) \u06cc\u0627 \u0646\u0634\u0633\u062a\u200c\u0647\u0627\u06cc \u0645\u062c\u0627\u0632\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646 (virtual hosting sessions)<\/li>\n<li>\u0627\u0646\u062c\u0627\u0645 \u0641\u0627\u0632\u200c\u0647\u0627\u06cc \u062a\u0627\u06a9\u062a\u06cc\u06a9\u06cc\/ \u0647\u062f\u0641\u0645\u0646\u062f \u062f\u0631 \u0646\u0648\u0627\u062d\u06cc 
\u0628\u0647 \u0638\u0627\u0647\u0631 \u062f\u0627\u0631\u0627\u06cc \u0631\u06cc\u0633\u06a9<\/li>\n<li>\u0627\u06cc\u062c\u0627\u062f \u062a\u0627\u062b\u06cc\u0631\u06cc \u0648\u0627\u0642\u0639\u06cc\u200c\u062a\u0631 \u0628\u0627 \u0648\u062c\u0648\u062f \u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u06a9\u0645\u06cc \u06a9\u0647 \u0645\u0639\u0645\u0648\u0644\u0627 \u062f\u0631 \u0627\u062e\u062a\u06cc\u0627\u0631 \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0647\u200c \u0645\u06cc\u200c\u0634\u0648\u062f.<\/li>\n<\/ul>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_SAMM\"><\/span><strong>OWASP SAMM<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"wp-image-5208 aligncenter\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/lDyR2uXJ_400x400.png\" alt=\"OWASP SAMM\" width=\"490\" height=\"229\" \/><\/p>\n<p>\u067e\u0631\u0648\u0698\u0647 SAMM \u06a9\u0647 \u0645\u062e\u062a\u0635\u0631 Software Assurance Maturity Model \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u0628\u0627 \u0647\u062f\u0641 \u0627\u0631\u0627\u0626\u0647 \u0631\u0627\u0647\u06cc \u0645\u0648\u062b\u0631 \u0648 \u0642\u0627\u0628\u0644 \u0627\u0646\u062f\u0627\u0632\u0647\u200c\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0647\u0628\u0648\u062f \u0686\u0631\u062e\u0647 \u0639\u0645\u0631 \u062a\u0648\u0633\u0639\u0647 \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0627\u0645\u0646\u060c \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a.<br \/>\nSAMM \u0627\u0632 \u0686\u0631\u062e\u0647 \u0639\u0645\u0631 \u062a\u0648\u0633\u0639\u0647 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc 
\u0628\u0635\u0648\u0631\u062a \u06a9\u0627\u0645\u0644 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0645\u06cc\u200c\u06a9\u0646\u062f \u0648 \u0627\u0648\u0627\u0633\u067e \u0627\u0630\u0639\u0627\u0646 \u062f\u0627\u0631\u062f \u06a9\u0647 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u06af\u0648\u0646\u0647\u200c\u0627\u06cc \u0633\u0627\u062e\u062a\u0647 \u06a9\u0647 \u0645\u0627\u0647\u06cc\u062a \u062a\u06a9\u0627\u0645\u0644\u06cc \u0648 \u0631\u06cc\u0633\u06a9 \u0645\u062d\u0648\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f \u0632\u06cc\u0631\u0627 \u0647\u06cc\u0686 \u062f\u0633\u062a\u0648\u0631\u0627\u0644\u0639\u0645\u0644 \u0648\u0627\u062d\u062f\u06cc \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0647\u0645\u0647 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u067e\u0627\u0633\u062e\u06af\u0648 \u0628\u0627\u0634\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Security_Knowledge_Framework\"><\/span><strong>OWASP Security Knowledge Framework<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"wp-image-5210 size-large aligncenter\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-1024x424.png\" alt=\"OWASP Security Knowledge Framework\" width=\"1024\" height=\"424\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-1024x424.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-300x124.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-768x318.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-1536x637.png 1536w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/logo_github-2048x849.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Security Knowledge Framework \u06a9\u0647 \u0628\u0647 \u0645\u062e\u062a\u0635\u0631 \u0628\u0647 
\u0635\u0648\u0631\u062a SKF \u0627\u0632 \u0622\u0646 \u06cc\u0627\u062f \u0645\u06cc\u200c\u0634\u0648\u062f \u06cc\u06a9 \u0628\u0631\u0646\u0627\u0645\u0647 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062a\u062d\u062a \u0648\u0628 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0639\u0631\u06cc\u0641\u06cc \u0628\u0631\u0627\u06cc \u0627\u0635\u0648\u0644 \u06a9\u062f\u0646\u0648\u06cc\u0633\u06cc \u0627\u06cc\u0645\u0646 \u062f\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0632\u0628\u0627\u0646 \u0645\u062e\u062a\u0644\u0641 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f. \u0647\u062f\u0641 OWASP-SKF \u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u06a9\u0645\u06a9 \u06a9\u0646\u062f \u0627\u0645\u0646\u06cc\u062a \u0631\u0627 \u0628\u0627 \u0637\u0631\u0627\u062d\u06cc \u062f\u0631 \u062a\u0648\u0633\u0639\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u062e\u0648\u062f \u0628\u06cc\u0627\u0645\u0648\u0632\u06cc\u062f \u0648 \u0622\u0646 \u0631\u0627 \u0628\u0627 \u0628\u0631\u0646\u0627\u0645\u0647 \u062e\u0648\u062f \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc\u06cc \u0628\u0633\u0627\u0632\u06cc\u062f \u06a9\u0647 \u0627\u0632 \u0646\u0638\u0631 \u0637\u0631\u0627\u062d\u06cc\u060c \u0627\u06cc\u0645\u0646 \u0647\u0633\u062a\u0646\u062f.<br \/>\nOWASP-SKF \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u0698\u0647\u200c\u0647\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u06a9\u0647 \u0642\u0627\u0628\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0628\u0627 \u0686\u06a9 \u0644\u06cc\u0633\u062a\u200c\u0647\u0627 (\u06cc\u0639\u0646\u06cc OWASP-ASVS\u060c OWASP-MASVS \u06cc\u0627 \u062d\u062a\u06cc \u0686\u06a9 \u0644\u06cc\u0633\u062a\u200c\u0647\u0627\u06cc 
\u0634\u062e\u0635\u06cc \u0633\u0627\u0632\u06cc \u0634\u062f\u0647) \u0648 \u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647\u200c\u0647\u0627 \u0647\u0633\u062a\u0646\u062f\u060c \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc\u200c\u062f\u0647\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Security_Shepherd\"><\/span><strong>OWASP Security Shepherd<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>\u067e\u0631\u0648\u0698\u0647 Security Shepherd \u062f\u0631 \u0631\u0627\u0633\u062a\u0627\u06cc \u062a\u0648\u0644\u06cc\u062f \u06cc\u06a9 \u067e\u0644\u062a\u0641\u0631\u0645 \u0628\u0631\u0627\u06cc \u0622\u0645\u0648\u0632\u0634 \u0627\u0645\u0646\u06cc\u062a \u062f\u0631 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0648 \u0645\u0648\u0628\u0627\u06cc\u0644 \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. Security Shepherd \u0628\u0631\u0627\u06cc \u062a\u0642\u0648\u06cc\u062a \u0648 \u0628\u0647\u0628\u0648\u062f \u0622\u06af\u0627\u0647\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 \u0645\u06cc\u0627\u0646 \u0628\u0627\u0642\u06cc \u0645\u062c\u0645\u0648\u0639\u0647 \u0645\u0647\u0627\u0631\u062a\u200c\u0647\u0627\u06cc \u0648\u0627\u0628\u0633\u062a\u0647 \u0628\u0647 \u0622\u0645\u0627\u0631\u200c\u06af\u06cc\u0631\u06cc \u0628\u0647 \u0648\u062c\u0648\u062f \u0622\u0645\u062f \u0648 \u0647\u062f\u0641 \u0622\u0646 \u062c\u0630\u0628 \u0627\u0641\u0631\u0627\u062f \u0645\u0628\u062a\u062f\u06cc \u062f\u0631 \u0645\u0628\u062d\u062b AppSec \u0648 \u06cc\u0627 \u0645\u0647\u0646\u062f\u0633\u0627\u0646 \u0628\u0627 \u062a\u062c\u0631\u0628\u0647 \u0648 \u062a\u0642\u0648\u06cc\u062a \u0645\u0647\u0627\u0631\u062a \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0622\u0646\u200c\u0647\u0627 \u0648 \u062a\u0628\u062f\u06cc\u0644 \u0622\u0646\u200c\u0647\u0627 \u0628\u0647 \u0645\u062a\u062e\u0635\u0635\u0627\u0646 
\u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Top_10\"><\/span><strong>OWASP Top 10<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-5212 size-large\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour-1024x560.png\" alt=\"OWASP Top 10\" width=\"1024\" height=\"560\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour-1024x560.png 1024w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour-300x164.png 300w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour-768x420.png 768w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour-1536x840.png 1536w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/TOP_10_logo_Final_Logo_Colour.png 1754w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>OWASP Top 10 \u06cc\u06a9 \u0627\u0633\u062a\u0627\u0646\u062f\u0627\u0631\u062f \u06cc\u0627 \u0633\u0646\u062f \u0622\u06af\u0627\u0647\u06cc \u0628\u0631\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0648 \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f. 
Top 10 \u06cc\u06a9 \u0627\u062c\u0645\u0627\u0639 \u06af\u0633\u062a\u0631\u062f\u0647 \u062f\u0631 \u0645\u0648\u0631\u062f \u062d\u06cc\u0627\u062a\u06cc\u200c\u062a\u0631\u06cc\u0646 \u0648 \u062e\u0637\u0631\u0646\u0627\u06a9 \u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0633\u0637\u062d \u0648\u0628 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<div class=\"bs-shortcode-alert alert alert-info\"><strong>\u0628\u0631\u0627\u06cc \u062e\u0648\u0627\u0646\u062f\u0646 \u0645\u0637\u0627\u0644\u0628 \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0627\u06cc\u0646 \u0633\u0646\u062f \u0622\u06af\u0627\u0647\u06cc <a href=\"https:\/\/www.irandnn.ir\/mag\/owasp-top-10\/\">\u06a9\u0644\u06cc\u06a9 \u0646\u0645\u0627\u06cc\u06cc\u062f<\/a>.<\/strong><\/div>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_Web_Security_Testing_Guide\"><\/span><strong>OWASP Web Security Testing Guide<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"wp-image-5250 alignleft\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/testing-guide-232x300.png\" alt=\"\" width=\"222\" height=\"285\" \/><\/p>\n<p>Web security testing guide \u06a9\u0647 \u0628\u0647 \u0635\u0648\u0631\u062a WSTG \u0647\u0645 \u06cc\u0627\u062f \u0645\u06cc\u200c\u0634\u0648\u062f \u06cc\u06a9\u06cc \u0627\u0632 \u0645\u0639\u062a\u0628\u0631\u062a\u0631\u06cc\u0646 \u0648 \u0645\u0647\u0645 \u062a\u0631\u06cc\u0646 \u0645\u0646\u0627\u0628\u0639 \u0628\u0631\u0627\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u062a\u062d\u062a \u0648\u0628 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<br \/>\nWSTG \u06cc\u06a9 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc \u06af\u0627\u0645 \u0628\u0647 \u06af\u0627\u0645 \u0648 
\u062c\u0627\u0645\u0639 \u0628\u0631\u0627\u06cc \u0622\u0632\u0645\u0627\u06cc\u0634 \u0627\u0645\u0646\u06cc\u062a \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628 \u0648 \u0648\u0628 \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627 \u0627\u0633\u062a \u0648 \u0686\u0647\u0627\u0631\u0686\u0648\u0628\u06cc \u0627\u0632 \u0628\u0647\u062a\u0631\u06cc\u0646 \u0634\u06cc\u0648\u0647\u200c\u0647\u0627\u06cc \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u062f\u0631 \u0633\u0631\u0627\u0633\u0631 \u062c\u0647\u0627\u0646 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f.<br \/>\n\u0627\u06cc\u0646 \u0646\u06a9\u062a\u0647 \u0642\u0627\u0628\u0644 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u0631\u0627\u0647\u0646\u0645\u0627 \u0645\u0648\u0631\u062f \u0642\u0628\u0648\u0644 \u0634\u0631\u06a9\u062a\u200c\u0647\u0627 \u0648 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u0627\u06cc\u0631\u0627\u0646\u06cc \u0647\u0645 \u0645\u06cc\u200c\u0628\u0627\u0634\u062f.<\/p>\n<div class=\"bs-shortcode-alert alert alert-info\">\n<p><strong>\u0647\u0645\u0686\u0646\u06cc\u0646 \u0634\u0645\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 <a href=\"https:\/\/www.irandnn.ir\/solutions\/penetration-testing\">\u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u0634\u0627\u0648\u0631\u0647 \u0627\u0632 \u0645\u062a\u062e\u0635\u0635\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0627<\/a>\u060c \u0633\u0627\u0645\u0627\u0646\u0647\u200c\u0647\u0627\u06cc \u062a\u062d\u062a \u0648\u0628 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0627\u0633\u0627\u0633 \u0627\u06cc\u0646 \u0631\u0627\u0647\u0646\u0645\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0648\u0631\u062f \u0628\u0631\u0631\u0633\u06cc \u0642\u0631\u0627\u0631 
\u062f\u0647\u06cc\u062f.<\/strong><\/p>\n<\/div>\n<h4><span class=\"ez-toc-section\" id=\"OWASP_ZAP\"><\/span><strong>OWASP ZAP<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p><img decoding=\"async\" class=\"alignnone wp-image-5215 size-full\" src=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/owasp-zap.png\" alt=\"owasp zap\" width=\"702\" height=\"284\" srcset=\"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/owasp-zap.png 702w, https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/owasp-zap-300x121.png 300w\" sizes=\"(max-width: 702px) 100vw, 702px\" \/><\/p>\n<p>OWASP ZAP \u06cc\u0627 \u0647\u0645\u0627\u0646 OWASP Zed Attack Proxy \u06cc\u06a9\u06cc \u0627\u0632 \u0645\u062d\u0628\u0648\u0628 \u062a\u0631\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627\u06cc\u06af\u0627\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0637\u0648\u0631 \u0641\u0639\u0627\u0644 \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u062a\u06cc\u0645 \u0628\u06cc\u0646\u200c\u0627\u0644\u0645\u0644\u0644\u06cc \u0627\u0632 \u062f\u0627\u0648\u0637\u0644\u0628\u0627\u0646 \u0646\u06af\u0647\u062f\u0627\u0631\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f. ZAP Proxy \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0634\u0645\u0627 \u062f\u0631 \u062e\u0648\u062f\u06a9\u0627\u0631\u0633\u0627\u0632\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u06a9\u0645\u06a9 \u06a9\u0646\u062f. 
\u0634\u0645\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u06cc\u0646\u200c\u06a9\u0627\u0631 \u0631\u0627 \u062d\u062a\u06cc \u062d\u06cc\u0646 \u062a\u0648\u0633\u0639\u0647 \u0648 \u06cc\u0627 \u0622\u0632\u0645\u0627\u06cc\u0634 \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f.<br \/>\n\u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u06cc\u0646 \u0627\u0628\u0632\u0627\u0631 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0646\u0641\u0648\u0630\u06af\u0631\u0627\u0646 \u0628\u0627 \u062a\u062c\u0631\u0628\u0647 \u06a9\u0645\u06a9 \u06a9\u0646\u062f \u0648 \u06cc\u06a9 \u062a\u0633\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0628\u0647 \u0635\u0648\u0631\u062a \u062f\u0633\u062a\u06cc \u0647\u0645\u0631\u0627\u0647 \u0628\u0627 \u062a\u062c\u0631\u0628\u0647\u200c\u0627\u06cc \u0628\u0647\u062a\u0631 \u0631\u0642\u0645 \u0632\u0646\u062f.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">\u0632\u0645\u0627\u0646 \u0645\u0637\u0627\u0644\u0639\u0647:<\/span> <span class=\"rt-time\"> 9<\/span> <span class=\"rt-label rt-postfix\">\u062f\u0642\u06cc\u0642\u0647<\/span><\/span>OWASP \u0645\u062e\u062a\u0635\u0631 Open Web Application Security Project\u060c \u0628\u0646\u06cc\u0627\u062f\u06cc \u063a\u06cc\u0631\u062f\u0648\u0644\u062a\u06cc \u0645\u06cc\u200c\u0628\u0627\u0634\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0628\u0647\u0628\u0648\u062f \u0627\u0645\u0646\u06cc\u062a \u062f\u0631 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u200c\u0647\u0627 \u0634\u06a9\u0644 \u06af\u0631\u0641\u062a\u0647 
\u0627\u0633\u062a.<\/p>\n","protected":false},"author":5,"featured_media":5172,"comment_status":"open","ping_status":"open","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75],"tags":[76,93],"better_featured_image":{"id":5172,"alt_text":"","caption":"","description":"","media_type":"image","media_details":{"width":2000,"height":1074,"file":"2022\/02\/OWASP-project.jpg","sizes":{"medium":{"file":"OWASP-project-300x161.jpg","width":300,"height":161,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-300x161.jpg"},"large":{"file":"OWASP-project-1024x550.jpg","width":1024,"height":550,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-1024x550.jpg"},"thumbnail":{"file":"OWASP-project-150x150.jpg","width":150,"height":150,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-150x150.jpg"},"medium_large":{"file":"OWASP-project-768x412.jpg","width":768,"height":412,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-768x412.jpg"},"1536x1536":{"file":"OWASP-project-1536x825.jpg","width":1536,"height":825,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-1536x825.jpg"},"publisher-tb1":{"file":"OWASP-project-86x64.jpg","width":86,"height":64,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-86x64.jpg"},"publisher-sm":{"file":"OWASP-project-210x136.jpg","width":210,"height":136,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-210x136.jpg"},"publisher-mg2":{"file":"OWASP-project-279x220.jpg","width":279,"height":220,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-conte
nt\/uploads\/2022\/02\/OWASP-project-279x220.jpg"},"publisher-md":{"file":"OWASP-project-357x210.jpg","width":357,"height":210,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-357x210.jpg"},"publisher-lg":{"file":"OWASP-project-750x430.jpg","width":750,"height":430,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-750x430.jpg"},"publisher-full":{"file":"OWASP-project-1130x580.jpg","width":1130,"height":580,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-1130x580.jpg"},"publisher-tall-sm":{"file":"OWASP-project-180x217.jpg","width":180,"height":217,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-180x217.jpg"},"publisher-tall-lg":{"file":"OWASP-project-267x322.jpg","width":267,"height":322,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-267x322.jpg"},"publisher-tall-big":{"file":"OWASP-project-368x445.jpg","width":368,"height":445,"mime-type":"image\/jpeg","source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project-368x445.jpg"}},"image_meta":{"aperture":"0","credit":"","camera":"","caption":"data technology network lines background","created_timestamp":"0","copyright":"","focal_length":"0","iso":"0","shutter_speed":"0","title":"data technology network lines 
background","orientation":"1","keywords":[]}},"post":5138,"source_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project.jpg"},"fimg_url":"https:\/\/www.irandnn.ir\/mag\/wp-content\/uploads\/2022\/02\/OWASP-project.jpg","_links":{"self":[{"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/posts\/5138"}],"collection":[{"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/comments?post=5138"}],"version-history":[{"count":43,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/posts\/5138\/revisions"}],"predecessor-version":[{"id":5365,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/posts\/5138\/revisions\/5365"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/media\/5172"}],"wp:attachment":[{"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/media?parent=5138"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/categories?post=5138"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.irandnn.ir\/mag\/wp-json\/wp\/v2\/tags?post=5138"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}