Avaq/security-techniques.md

## security-techniques.md

      
    Raw
  

              security-techniques.md
            
          
    Restrictors


Technique
Type
Combats


Strict Transport Security
header
protocol downgrade, session hijacking


Public Key Pinning
header
impersonation


CSP Content Security Policy
header
cross site scripting


Same-Origin Policy
browser
cross site request forgery


Relaxatives


Technique
Type
Relaxes


CORS Cross-Domain Resource Sharing
header
Same-Origin Policy


Other


Technique
Description


SNI Server Name Indication
An extension to TLS which allows multiple HTTPS virtual top-level hosts


SSL Test
A tool for testing your HTTPS connection


Security Headers test
A tool for testing your security related headers (see techniques of type header)
Technique	Type	Combats
Strict Transport Security	header	protocol downgrade, session hijacking
Public Key Pinning	header	impersonation
CSP Content Security Policy	header	cross site scripting
Same-Origin Policy	browser	cross site request forgery
Technique	Description
SNI Server Name Indication	An extension to TLS which allows multiple HTTPS virtual top-level hosts
SSL Test	A tool for testing your HTTPS connection
Security Headers test	A tool for testing your security related headers (see techniques of type `header`)