I found a useful resource containing a whole list of academic papers on web-application security.
This list represents an attempt to collect academic papers on the subject of Web application security sorted by the year of publication.
Hacking web applications has become a big thing in the last 5 years, just look at the number of holes found in common PHP applications.
It has papers from 2004-2006.
Subjects cover a good range including:
SQLrand: Preventing SQL Injection Attacks
Bypass Testing of Web Applications
Defining a Set of Common Benchmarks for Web Application Security
The Essence of Command Injection Attacks in Web Applications
A Practical Approach for Defeating a Wide Range of Attacks
You can find the resource here:
Academic Papers in Web Application Security
Vulnerabilities in custom web applications are the most common flaws I find during penetration testing nowadays. It is a very important area and these papers should help your knowledge on both sides of the fence.
0 comments:
Post a Comment