The Web Security Mailing List (2009 January)

• Thread Index

• [WEB SECURITY] [Tool Release] TA-Mapper BETA: Application Pen-Testing Effort Estimator
  • From: Debasis Mohanty
• [WEB SECURITY] How Bypass firewall with Process Injection
  • From: Simorgh Security
• [WEB SECURITY] [Tool Release] PMD v 1.4 has released!!!
  • From: evil fingers
• [WEB SECURITY] Fwd: CALL FOR PRESENTATIONS - OWASP AppSec Europe 2009 Poland
  • From: Sebastien Deleersnyder
• Re: [WEB SECURITY] Collection of 2009 Security Predictions
  • From: Jari Pirhonen
• [WEB SECURITY] Top 5-ish Threats to Watch for in 2009
  • From: Pete Herzog
• Re: [WEB SECURITY] HTTPOnly Cookies Specification
  • From: Bil Corry
• RE: [WEB SECURITY] Wanna to learn about application security
  • From: Ziots, Edward
• [WEB SECURITY] SSO on a Web Apps
  • From: Sebastien gioria
• Re: [WEB SECURITY] SSO on a Web Apps
  • From: Arin Komins
• RE: [WEB SECURITY] Collection of 2009 Security Predictions
  • From: Rafal Los
• RE: [WEB SECURITY] Collection of 2009 Security Predictions
  • From: Gunter Ollmann
• Re: [WEB SECURITY] SSO on a Web Apps
  • From: Morrow Long
• [WEB SECURITY] Calling the Array constructor in IE
  • From: gaz Heyes
• [WEB SECURITY] Java Serialized Objects security testing
  • From: KT
• [WEB SECURITY] Twitter JSON hacking
  • From: gaz Heyes
• Re: [WEB SECURITY] Java Serialized Objects security testing
  • From: James Landis
• Re: [WEB SECURITY] Java Serialized Objects security testing
  • From: Rohit Lists
• Re: [WEB SECURITY] Java Serialized Objects security testing
  • From: Arian J. Evans
• [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Mangiarelli, Jerry
• [WEB SECURITY] Decommissioning Applications.
  • From: H S
• [WEB SECURITY] The Marquee Tag and XSS
  • From: Ofer Shezaf
• Re: [WEB SECURITY] The Marquee Tag and XSS
  • From: Richard Moore
• Re: [WEB SECURITY] The Marquee Tag and XSS
  • From: Bill Pennington
• RE: [WEB SECURITY] The Marquee Tag and XSS
  • From: Rafal Los
• [WEB SECURITY] Totals of web security's evolution in 2008
  • From: MustLive
• Re: [WEB SECURITY] Totals of web security's evolution in 2008
  • From: Luis Matus
• [WEB SECURITY] XSS Impact
  • From: Pete Lindstrom
• Re: [WEB SECURITY] XSS Impact
  • From: Eric Rachner
• Re: [WEB SECURITY] XSS Impact
  • From: Bill Pennington
• RE: [WEB SECURITY] XSS Impact
  • From: steve jensen
• Re: [WEB SECURITY] XSS Impact
  • From: Eric Rachner
• Re: [WEB SECURITY] XSS Impact
  • From: Chris Varenhorst
• [WEB SECURITY] Mitigating XSS in existing JEE apps with AOP - Proof of Concept
  • From: Rohit Lists
• Re: [WEB SECURITY] Totals of web security's evolution in 2008
  • From: li bo
• RE: [WEB SECURITY] XSS Impact
  • From: Ofer Shezaf
• Re: [WEB SECURITY] The Marquee Tag and XSS
  • From: Ory Segal
• RE: [WEB SECURITY] The Marquee Tag and XSS
  • From: Ofer Shezaf
• Re: [WEB SECURITY] XSS Impact
  • From: DiPo
• RE: [WEB SECURITY] XSS Impact
  • From: Porttikivi, Anssi
• Re: [WEB SECURITY] XSS Impact
  • From: Steve Pinkham
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: r
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Andy Steingruebl
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Marcin Wielgoszewski
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Trey Ford
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Chris Eng
• [WEB SECURITY] Static code analyzers
  • From: Michael Williams
• RE: [WEB SECURITY] Static code analyzers
  • From: Bryan Sullivan
• Re: [WEB SECURITY] Totals of web security's evolution in 2008
  • From: MustLive
• Re: [WEB SECURITY] Static code analyzers
  • From: Justin Clarke
• RE: [WEB SECURITY] Static code analyzers
  • From: John Johnson
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Chris Eng
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• [WEB SECURITY] CSRF remedies in
  • From: Eric Rachner
• Re: [WEB SECURITY] CSRF remedies in
  • From: Steve Pinkham
• Re: [WEB SECURITY] CSRF remedies in
  • From: Arian J. Evans
• RE: [WEB SECURITY] XSS Impact
  • From: Rafal Los
• Re: [WEB SECURITY] CSRF remedies in
  • From: Ory Segal
• RE: [WEB SECURITY] CSRF remedies in
  • From: Walter Tsai
• Re: [WEB SECURITY] CSRF remedies in
  • From: Stephen de Vries
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Stephen de Vries
• Re: [WEB SECURITY] Static code analyzers
  • From: Mostafa Siraj
• Re: [WEB SECURITY] The Marquee Tag and XSS
  • From: gaz Heyes
• RE: [WEB SECURITY] CSRF remedies in
  • From: Ragan, Rob R
• Re: [WEB SECURITY] CSRF remedies in
  • From: Minoo Hamilton
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Steven M. Christey
• Re: [WEB SECURITY] CSRF remedies in
  • From: Stephan Wehner
• Re: [WEB SECURITY] CSRF remedies in
  • From: Eric Rachner
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Amichai Shulman
• RE: [WEB SECURITY] CSRF remedies in
  • From: Ragan, Rob R
• Re: [WEB SECURITY] CSRF remedies in
  • From: Licky Lindsay
• RE: [WEB SECURITY] CSRF remedies in
  • From: Ragan, Rob R
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Steven M. Christey
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Steven M. Christey
• [WEB SECURITY] re: top 25 discussion
  • From: Glenn Everhart
• [WEB SECURITY] Top N Lists
  • From: BBukowski
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Micah Tapman
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] CSRF remedies in
  • From: Stephan Wehner
• Re: [WEB SECURITY] CSRF remedies in
  • From: Stephan Wehner
• Re: [WEB SECURITY] CSRF remedies in
  • From: 54van7
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Pete Herzog
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Tom Brennan - Proactive Risk
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Steven M. Christey
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Steven M. Christey
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: bugtraq
• [WEB SECURITY] SANS/CWE Top 25: "The New Standard" for Webappsec
  • From: Arian J. Evans
• [WEB SECURITY] The hole which can save the world
  • From: MustLive
• [WEB SECURITY] what is going on in these blogspot sites?
  • From: TheGesus
• RE: [WEB SECURITY] The Marquee Tag and XSS
  • From: Ofer Shezaf
• Re: [WEB SECURITY] The Marquee Tag and XSS
  • From: gaz Heyes
• RE: [WEB SECURITY] The Marquee Tag and XSS
  • From: Ofer Shezaf
• [WEB SECURITY] Implementation of Security Operations Center
  • From: Afsar Pasha Peeran
• Re: [WEB SECURITY] The hole which can save the world
  • From: Luke Crouch
• [WEB SECURITY] Re: [SC-L] SANS/CWE Top 25: "The New Standard" for Webappsec
  • From: Stephen Craig Evans
• [WEB SECURITY] Talking to non-technical folks
  • From: Prasad Shenoy
• [WEB SECURITY] Re: [SC-L] SANS/CWE Top 25: "The New Standard" for Webappsec
  • From: Arian J. Evans
• [WEB SECURITY] Web Hacking Incidents update for Jan 19th
  • From: Ofer Shezaf
• AW: [WEB SECURITY] Talking to non-technical folks
  • From: christian.folini
• Re: [WEB SECURITY] Talking to non-technical folks
  • From: Esteban RibiÄiÄ
• Re: [WEB SECURITY] The hole which can save the world
  • From: MustLive
• [WEB SECURITY] R: [WEB SECURITY] Static code analyzers
  • From: Vicari Marco Vincenzo (UGIS - UniCredit Group)
• Re: [WEB SECURITY] R: [WEB SECURITY] Static code analyzers
  • From: Dinis Cruz
• [WEB SECURITY] Security metrics on flaws detected during architectural review?
  • From: robert
• [WEB SECURITY] JBroFuzz 1.2 Released
  • From: subere
• [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Michael Williams
• RE: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: steve jensen
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Mostafa Siraj
• [WEB SECURITY] Classification of DoS vulnerabilities in browsers
  • From: MustLive
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: romain
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Cristian Serban
• RE: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Michael Williams
• [WEB SECURITY] JavaScript Obfuscators
  • From: Sophia Sun
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: romain
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Dinis Cruz
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: romain
• Re: [WEB SECURITY] JavaScript Obfuscators
  • From: James Landis
• Re: [WEB SECURITY] JavaScript Obfuscators
  • From: Sophia Sun
• RE: [WEB SECURITY] JavaScript Obfuscators
  • From: Hoffman, Billy
• RE: [WEB SECURITY] JavaScript Obfuscators
  • From: Eric Rachner
• Re: [WEB SECURITY] JavaScript Obfuscators
  • From: gaz Heyes
• RE: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: Michael Williams
• Re: [WEB SECURITY] C# test suite for testing static code analyzers
  • From: romain
• Re: [WEB SECURITY] JavaScript Obfuscators
  • From: Sophia Sun
• [WEB SECURITY] Calling all Researchers! Send in the Top Web Hacking Techniques of 2008
  • From: Jeremiah Grossman
• [WEB SECURITY] Web Application Scanners Comparison
  • From: anantasec
• RE: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Campbell, Richard S.
• [WEB SECURITY] Re: Web Application Scanners Comparison
  • From: romain
• Re: [WEB SECURITY] 2009 Top 25 Programming Errors
  • From: Arian J. Evans
• [WEB SECURITY] RE: Web Application Scanners Comparison
  • From: Albert
• [WEB SECURITY] Web Hacking Incidents update for Jan 28th
  • From: Ofer Shezaf
• Re: [WEB SECURITY] RE: Web Application Scanners Comparison
  • From: Rafal @ IsHackingYou.com
• Re: [WEB SECURITY] RE: Web Application Scanners Comparison
  • From: bugtraq
• Re: [WEB SECURITY] Calling all Researchers! Send in the Top Web Hacking Techniques of 2008
  • From: MustLive
• RE: [WEB SECURITY] RE: Web Application Scanners Comparison
  • From: Martin O'Neal
• Re: [WEB SECURITY] RE: Web Application Scanners Comparison
  • From: Rafal @ IsHackingYou.com
• Re: [WEB SECURITY] Web Application Scanners Comparison
  • From: Ory Segal
• Re: [WEB SECURITY] Web Application Scanners Comparison
  • From: anantasec
• [WEB SECURITY] CSRF on Novell GroupWise WebAccess allows email theft and other attacks
  • From: Adrian P .
• [WEB SECURITY] my website captcha broken??
  • From: Luis Matus
• Re: [WEB SECURITY] my website captcha broken??
  • From: Raymond Forbes
• Re: [WEB SECURITY] my website captcha broken??
  • From: John Doesnot
• Re: [WEB SECURITY] my website captcha broken??
  • From: Ray Foo
• Re: [WEB SECURITY] my website captcha broken??
  • From: Pavol Luptak
• Re: [WEB SECURITY] my website captcha broken??
  • From: r
• Re: [WEB SECURITY] my website captcha broken??
  • From: Bil Corry
• Re: [WEB SECURITY] my website captcha broken??
  • From: BlackHawk
• RE: [WEB SECURITY] my website captcha broken??
  • From: Wayne Lee
• Re: [WEB SECURITY] my website captcha broken??
  • From: Mr Omnipresent®
• Re: [WEB SECURITY] my website captcha broken??
  • From: Gunter Ollmann