<<< Date Index >>>     <<< Thread Index >>>

Update Your Bookmarks



Hi

I noticed that very recently, the whitepapers section of 
www.sanctuminc.com was removed (possibly as part of phasing out 
the www.sanctuminc.com website). So here are few links to 
mirrored resources (there are many more mirrors; those listed 
below seem most stable):

*** long links may be word wrapped ***

"Blind XPath Injection" 
Amit Klein, May 2004
http://www.packetstormsecurity.com/papers/bypass/Blind_XPath_Injection
_20040518.pdf


"Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning
Attacks, and Other Topics" 
Amit Klein, March 2004
http://www.packetstormsecurity.org/papers/general/whitepaper_httprespo
nse.pdf

[Watchfire has its own "Watchfire branded" version on its website, 
registration required]


"Secure Coding Practices for Microsoft ASP.NET" 
Amit Klein, July 2003
http://www.cgisecurity.com/lib/WhitePaper_Secure_Coding_Practices_VSdo
tNET.pdf


"Developing Secure Web Applications Just Got Easier" 
Amit Klein, March 2003
http://www.zone-h.org/files/34/devsecureappsjustgoteasier.pdf


"Developing Secure Web Applications" 
Izhar Bar-Gad and Amit Klein, June 2002
http://www.cgisecurity.com/lib/WhitePaper_DevelopingSecureWebApps.pdf

[Watchfire has its own "Watchfire branded" version on its website, 
registration required]


"Cross Site Scripting Explained" 
Amit Klein, May 2002
http://crypto.stanford.edu/cs155/CSS.pdf


"Hacking Web Applications Using Cookie Poisoning" 
Amit Klein, April 2002
http://www.cgisecurity.com/lib/CookiePoisoningByline.pdf


"Hacker Repellent: Deterring Hackers On a Shoestring Budget" 
Amit Klein, April 2002
http://www.secinf.net/uplarticle/1/Hack_Repellent.pdf


Enjoy,
-Amit