Web Application Security Papers

A big list of useful Web-App-Sec Papers

SQL Injection

Wikipedia
http://en.wikipedia.org/wiki/SQL_injection

SQL Injection Attacks by Example
http://unixwiz.net/techtips/sql-injection.html

OWASP
http://www.owasp.org/index.php/SQL_injection

SQL Injection Walkthrough
http://www.securiteam.com/securityreviews/5DP0N1P76E.html

SQL Injection Attacks - Are You Safe?
http://www.sitepoint.com/article/sql-injection-attacks-safe

Spidynamics - MSSQL
http://www.spidynamics.com/whitepapers/WhitepaperSQLInjection.pdf

Blind SQL Injection
http://www.spidynamics.com/whitepapers/Blind_SQLInjection.pdf

NextGenss - Advanced SQL Injection
http://www.nextgenss.com/papers/advanced_sql_injection.pdf

NextGenss - More Advanced SQL Injection
http://www.nextgenss.com/papers/more_advanced_sql_injection.pdf

SQL Server Blind SQL Injection
http://www.imperva.com/application_defense_center/white_papers/blind_sql_server_injection.html

Blind SQL Injection - Automation Techniques
http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-hotchkies/bh-us-04-hotchkies.pdf

"Introduction to SQL Injection Attacks for Oracle Developers" - Integrigy
http://www.net-security.org/dl/articles/IntegrigyIntrotoSQLInjectionAttacks.pdf

Manipulating SQL Server Using SQL Injection
http://www.appsecinc.com/presentations/Manipulating_SQL_Server_Using_SQL_Injection.pdf

Using binary Search with Sql injection
http://shh.thathost.com/text/binary-search-sql-injection.txt

SQL-INJECTION USING THE MySQL(and others) char() SYNTAX
http://www.websec.org/papers/charinjection.txt.html

Cross Site Scripting (XSS)

XSS Video Tutorial
http://www.virtualforge.de/vmovie/xss_lesson_1/xss_selling_platform_v1.0.html

XSS Cheat Sheet
http://ha.ckers.org/xss.html

XSS Exploit Database
http://www.gnucitizen.org/xssdb/application.htm

XSS Attacks Mirror
http://www.xssed.com/

XSS FAQ
http://www.cgisecurity.com/articles/xss-faq.shtml

Spidynamics XSS paper
http://www.spidynamics.com/whitepapers/SPIcross-sitescripting.pdf

Advanced XSS
http://www.net-security.org/dl/articles/AdvancedXSS.pdf

Realworld XSS
http://www.net-security.org/dl/articles/XSS-Paper.txt

Wikipedia XSS
http://en.wikipedia.org/wiki/Cross-site_scripting

OWASP XSS
http://www.owasp.org/index.php/XSS

OWASP XSS Testing
http://www.owasp.org/index.php/Testing_for_Cross_site_scripting

OWASP Reviewing Code for Cross-site scripting
http://www.owasp.org/index.php/Reviewing_Code_for_Cross-site_scripting

Cross Site Request Forgery

Comments

TOO MANY LINKS TOO MANY

TOO MANY LINKS

TOO MANY TAGS

WHAT LANGUAGE??
