This is a whitepaper discussing cross site scripting exploitation via CHEF. Written in Turkish.
e98d82370ead61ff8742ed558bf5d4cbd5999da934538163bf431a5c0c562cf5
This is a brief whitepaper that discusses various types of vulnerabilities found in web applications. It is written in Turkish.
8446334b51d3002cf9d002cb56e09e3d69279e97044d49eee38394c89659e221
This is a whitepaper that gives a complete cross site scripting walkthrough.
7ccb4e719b298fb3680cb5feb24cf117a59343f4420b727273ea2fae0666e3a5
Whitepaper called Overview to HTML5 web security. This article is an extract of the master thesis written by Michael Schmidt. It needs to be considered that the content of this document was released in May 2011.
80db6816d328e2047d44c3b598a2a9756e6a4f2de1f01ef7af19901983063af3
This is a whitepaper called the Beginner's Guide To Cross Site Scripting.
15ce1410ad4bb0fb2095406b506cffa4cbd1bd7787c82707575a1d8dcf5f7258
Whitepaper discussing cross site scripting, bypassing techniques, and the usefulness of these attacks.
e6db4a2a2b09265739ef2221cc69c49975d5b6ed87df3146923008646935f4fd
This is a whitepaper discussing the risk associated with the privacy of your data on Facebook.
1c7324957e7d7c62de38033fa300af904e3fd13b9fd83df2b808ba22aedd9a41
Whitepaper called XSS Street-Fight: The Only Rule Is There Are No Rules.
64907028535179186d11bc145891ad5ff5191ec3b8a3fe45a872e06f47af4b3a
Whitepaper called Session Hijacking Basics.
c10ac5549eb8d9b59dd9e96602ae6fea7e357736816f2e636a019f9594454533
Whitepaper called Introduction to Cross Site Request Forgery. Written in Persian.
acc26b2546c9db860528e7369f90e357f092c1dc969f3867a61a5d32f0eea508
This is a whitepaper on cross site scripting written in German.
84575c90ddd7b89abb93facb4b651f00ea940f399ca79081a089a8f99b5f6d80
Whitepaper called Weaning The Web Off Of Session Cookies. It compares the security weaknesses and usability limitations of both cookie-based session management and HTTP digest authentication; demonstrating how digest authentication is clearly the more secure system in practice.
8037409600569b8d43de2c78faf6df1c248608e53de405e52921675f233564e4
Whitepaper called Security of the Web. This papers discusses how vulnerabilities have evolved over the years and how web applications have become a primary vector of attack. Written in German.
b01009c26f448edb9d51f062cd833a792d4922e65d04bd11789adce0232206a4
Whitepaper called Web Vulnerabilities and Security. Written in Romanian.
bd25f3f67ea09bf7e6e9f014175b409060c3fab22dc60a8f658fac4d83c74640
Whitepaper discussing how the recent addition of SSL to The Pirate Bay does not sufficiently protect users from being detected.
e423f569e8cbddb5c909ed306ddcbfde70c325fa756e1359984776d48e93f12a
Offensive XSS 101 - A small write up discussing basic logistics and methodologies for cross site scripting.
27e72fa2e63a49489f43b7cab215acd2c2f77db033859417e7313ff0f1c63d0b
Whitepaper called Client Side Security - More Severe Than It Seems. It touches on the darker side of cross site scripting and cross site request forgery along with information on how to protect against these attacks.
2e2efc0a501c46dbd86a6b840919bc3a993394d75adcd695a5ee9268014b3edc
Whitepaper discussing site wide cross site scripting which is a technique to make injected code stay resident in the user's browser even after he leaves the vulnerable URL.
6258e00949f5b6cb8f9e23f69428ac64474db6d9a58918e12106fc921cb6ab39
Whitepaper from 2002 that has been updated regarding the abuse of non-HTTP protocols to launch cross site scripting attacks.
8afda6a71fc82e75746054b311cdece0c4c6f3bf4d75964f8cec22dd09f4c8b7
Whitepaper called Bypassing URL Authentication and Authorization with HTTP Verb Tampering.
89c79276bb60d2a827a2b05125ffbdfb1c71292138a852beeb9e94a711e853bb
Whitepaper regarding cross site request forgery attacks. Written in Spanish.
119f58f1340993ec03619137b388528f8d76bf5b4c788ff6000735d1d7345f8a
The Common Criteria Web Application Security Scoring, or CCWAPSS, is a security scoring methodology for web applications. This is version 1.1.
fb2c666d740509205218fd44c06a819d068b58b9e05dedcf3ebdfb0ab352a5e1
Whitepaper discussing the prevention of cross site request forgery attacks.
f175ac2a874a9f1415a57c6ed31b6044ef783497e4f88ea01d77445b1856299e
Whitepaper entitled "XSS The Complete Walkthrough". Written to discuss how web developers should code securely to negate cross site scripting vulnerabilities.
49155974d24086509ddb711af7801ff27158e8ee699325d11e5b2a93f9a65bb5
Whitepaper describing tunneling HTTP traffic via cross site scripting channels.
b6e22346f151eaeb24916f751d3e2467742a870c86d317f9d12104eda70ce14d