Tarih:
Pazartesi, Mart 15, 2010 Kategori:
Hersey
Some of my published white papers in chronological order.
Hiding your identity in the Internet (Turkish) – 26.04.2003
Small XSS Paper – 28.07.2004
Potentially the first paper ever talks about detecting and exploiting XSS vulnerabilities in HTML attributes and Javascript blocks.
A Practical Guide to PGP (Turkish) – 09.01.2005
Practical introduction to PGP, explains basic of PGP with some real world examples.
Attacking and Defending Wireless Networks (Turkish) – 25.12.2005
A Highly detailed document about attacking and defending wireless network.
SQL Injection Cheat Sheet – 15.03.2007
The most comprehensive SQL Injection Cheat Sheet, includes lots of detailed information about SQL injection methods and covers several different databases. Translated into Japanese, Published in “Hacker Japan” Issue 05.2007.
XSS Tunnelling – 10.07.2007
Cutting edge research about exploitation of XSS vulnerabilities. Explains the implementation and idea of tunnelling HTTP traffic through XSS channels to bypass several restrictions and gain a total control over the victim’s session.
Deep Blind SQL Injection – 26.10.2007
A new way to exploit Blind SQL Injections which allows attacker to get 16+ different answers at a time from Blind SQL Injections instead of 2 (true or false). Also it’s implemented in BSQL Hacker.
SQL Wildcard Attacks – 12.05.2008
A new attack vector against web applications and databases. Affects more than 70% of web applications with an MS SQL Server database. This attack is now documented in the OWASP Testing Guide v3 as well.
SSL Implementation Security FAQ – 14.05.2008
Quite comprehensive FAQ for common SSL implementation security pitfalls.


İlgili Yazılar:
- BSQL Hacker and Deep Blind SQL Injections Finally I released BSQL Hacker and Deep Blind SQL Injection...
- GROUP_CONCAT MySQL SQL Injection However this simple query can be useful for enumerating tables...
- SSL İmplementasyon Güvenliği SSL mplementasyon Gvenlii dokmanm Web Gvenlii Topluluu (WGT) altnda yaynladm....
- Günlük Maceralar Free source code and programming help PHP: List of Supported...
- BSQL Hacker Videosu Ama bir çok yenilik eklendi, çok geni bir yapya sahip....
Yorumlar
Henuz yorum yok.
Yorum Yaz