I found a useful resource containing a whole list of academic papers on web-application security.
This list represents an attempt to collect academic papers on the subject of Web application security sorted by the year of publication.
Hacking web applications has become a big thing in the last 5 years; just look at the number of holes found in common PHP applications.
It has papers from 2004-2006.
Subjects cover a good range including:
SQLrand: Preventing SQL Injection Attacks
Bypass Testing of Web Applications
Defining a Set of Common Benchmarks for Web Application Security
The Essence of Command Injection Attacks in Web Applications
A Practical Approach for Defeating a Wide Range of Attacks
You can find the resource here:
Academic Papers in Web Application Security
Vulnerabilities in custom web applications are the most common flaws I find during penetration testing nowadays. It is a very important area and these papers should help your knowledge on both sides of the fence.