The Web Security Mailing List (2009 February)

• Thread Index

• Re: [WEB SECURITY] my website captcha broken??
  • From: Bil Corry
• Re: [WEB SECURITY] my website captcha broken??
  • From: MustLive
• [WEB SECURITY] Common Natures of Trojan Infection
  • From: 7Lyrix
• Re: [WEB SECURITY] Common Natures of Trojan Infection
  • From: Simone Onofri
• Re: [WEB SECURITY] Common Natures of Trojan Infection
  • From: prasanna.k
• Re: [WEB SECURITY] Common Natures of Trojan Infection
  • From: Simone Onofri
• [WEB SECURITY] The security industry needs to re-align its training expectations for QA
  • From: robert
• Re: [WEB SECURITY] The security industry needs to re-align its training expectations for QA
  • From: Bil Corry
• [WEB SECURITY] Web Hacking Incidents update for Feb 3rd
  • From: Ofer Shezaf
• Re: [WEB SECURITY] The security industry needs to re-align its training expectations for QA
  • From: Rafal @ IsHackingYou.com
• Re: [WEB SECURITY] The security industry needs to re-align its training expectations for QA
  • From: Andy Steingruebl
• [WEB SECURITY] [Tool] sqlmap 0.6.4 released
  • From: Bernardo Damele A. G.
• Re: [WEB SECURITY] The security industry needs to re-align its training expectations for QA
  • From: Rafal @ IsHackingYou.com
• Re: [WEB SECURITY] Common Natures of Trojan Infection
  • From: Stefan Tanase
• [WEB SECURITY] Attacker flaunts details of phpBB hack
  • From: robert
• [WEB SECURITY] Web Application Security Consortium (WASC) RSA Meetup 2009
  • From: announcements
• Re: [WEB SECURITY] Common Natures of Trojan Infection
  • From: chris hofmann
• [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Arian J. Evans
• [WEB SECURITY] Re: Any special tool for testing a web chat application?
  • From: Arian J. Evans
• [WEB SECURITY] Call for Papers - OWASP Ireland 2009 - September 10th
  • From: Eoin
• [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Arian J. Evans
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: gaz Heyes
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Ivan Ristic
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Ivan Ristic
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: gaz Heyes
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: gaz Heyes
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Andre Gironda
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Ryan Barnett
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: gaz Heyes
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Arian J. Evans
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Ivan Ristic
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Andre Gironda
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: gaz Heyes
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Arian J. Evans
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Andre Gironda
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Joe White
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Joe White
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Arian J. Evans
• RE: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Martin O'Neal
• [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Arian J. Evans
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: John Thompson
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Anurag Agarwal
• Re: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• Re: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Andre Gironda
• [WEB SECURITY] Classification of DoS vulnerabilities in web applications
  • From: MustLive
• [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Martin O'Neal
• RE: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Martin O'Neal
• RE: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Martin O'Neal
• RE: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Martin O'Neal
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Jim Manico
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Andre Gironda
• Re: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Marcin Wielgoszewski
• RE: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Ofer Shezaf
• Re: [WEB SECURITY] 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• [WEB SECURITY] Common Trojan Signatures that can be detectable
  • From: 7Lyrix
• Re: [WEB SECURITY] Fwd: [SC-L] OWASP Podcast #6: WAFs
  • From: Ryan Barnett
• [WEB SECURITY] PHP filesystem attack vectors
  • From: ascii
• Re: [WEB SECURITY] OWASP / WASC
  • From: Jeremiah Grossman
• Re: [WEB SECURITY] OWASP / WASC
  • From: Ivan Ristic
• [WEB SECURITY] Application Security Vendors Need Help With Reporting
  • From: robert
• Re: [WEB SECURITY] OWASP / WASC
  • From: Ivan Ristic
• Re: [WEB SECURITY] OWASP / WASC
  • From: Jim Manico
• Re: [WEB SECURITY] OWASP / WASC
  • From: Andre Gironda
• Re: [WEB SECURITY] OWASP / WASC
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Arian J. Evans
• [WEB SECURITY] Attacking PRNGs in virtual machines?
  • From: robert
• [WEB SECURITY] Design and Logic Flaws
  • From: Mostafa Siraj
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Martin O'Neal
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Micah Tapman
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: lucifer.yang
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] Design and Logic Flaws
  • From: Bil Corry
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: bugtraq
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Chris Eng
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Bil Corry
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Anurag Agarwal
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: lucifer.yang
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Arian J. Evans
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Martin O'Neal
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Dinis
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Schmidt, Albert E
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Ryan Barnett
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Arian J. Evans
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: lucifer.yang
• Re: [WEB SECURITY] Design and Logic Flaws
  • From: Steven M. Christey
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Martin O'Neal
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• [WEB SECURITY] When all you have is a hammer...
  • From: Rafal @ IsHackingYou.com
• [WEB SECURITY] WAF related - Web Application Incident Response
  • From: Joe White
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• Re: [WEB SECURITY] WAF related - Web Application Incident Response
  • From: Jim Manico
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Arian J. Evans
• Re: [WEB SECURITY] When all you have is a hammer...
  • From: Arian J. Evans
• Re: [WEB SECURITY] When all you have is a hammer...
  • From: Rafal @ IsHackingYou.com
• Re: [WEB SECURITY] When all you have are techniques and no process
  • From: Arian J. Evans
• Re: [WEB SECURITY] When all you have is a hammer...
  • From: Dinis Cruz
• Re: [WEB SECURITY] When all you have is a hammer...
  • From: Pravir Chandra
• [WEB SECURITY] Web Hacking Incidents update for Feb 10th
  • From: Ofer Shezaf
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Martin O'Neal
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Ofer Shezaf
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Ofer Shezaf
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Achim Hoffmann
• RE: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Ofer Shezaf
• RE: [WEB SECURITY] Design and Logic Flaws
  • From: Ofer Shezaf
• RE: [WEB SECURITY] Web Hacking Incidents update for Feb 10th
  • From: Eric Rachner
• RE: [WEB SECURITY] Web Hacking Incidents update for Feb 10th
  • From: Ofer Shezaf
• Re: [WEB SECURITY] When all you have is a hammer...
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] WAF related - Web Application Incident Response
  • From: Joe White
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] WAF related - Web Application Incident Response
  • From: Jim Manico
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: lucifer.yang
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread
  • From: lucifer.yang
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread (with a bit of HTTP DDoS)
  • From: christian.folini
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread (with a bit of HTTP
  • From: bugtraq
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread (with a bit of HTTP
  • From: Andre Gironda
• Re: [WEB SECURITY] RE: 02/2009 WASC WAF thread (with a bit of HTTP
  • From: lucifer.yang
• [WEB SECURITY] what WASC TC is CSRF in?
  • From: Weiler, Jim
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: Jeremiah Grossman
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: bugtraq
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: Arian J. Evans
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: Joe White
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: MustLive
• Re: [WEB SECURITY] what WASC TC is CSRF in?
  • From: bugtraq
• [WEB SECURITY] Reverse proxy pen testing
  • From: Gopinath U
• Re: [WEB SECURITY] Reverse proxy pen testing
  • From: Emilio Casbas
• [WEB SECURITY] Weekly Web Hacking Incidents update for Feb 19th
  • From: Ofer Shezaf
• [WEB SECURITY] List of Hidden Admin Parameters
  • From: 7Lyrix
• RE: [WEB SECURITY] List of Hidden Admin Parameters
  • From: Tom Stripling
• Re: [WEB SECURITY] List of Hidden Admin Parameters
  • From: Arian J. Evans
• [WEB SECURITY] Recommendations for Application Development Security Training Courses
  • From: Jon Kibler
• RE: [WEB SECURITY] Recommendations for Application Development Security Training Courses
  • From: steve jensen
• Re: [WEB SECURITY] Recommendations for Application Development Security Training Courses
  • From: Dean H. Saxe
• [WEB SECURITY] Secunia feed gone for good?
  • From: Mark Brown
• Re: [WEB SECURITY] Secunia feed gone for good?
  • From: Steven M. Christey
• Re: [WEB SECURITY] Design and Logic Flaws
  • From: MustLive
• [WEB SECURITY] Security in Virtual Worlds and 3D Webs: Final Call for Chapter Proposals
  • From: rea
• [WEB SECURITY] Database Firewall
  • From: Jon Kibler
• [WEB SECURITY] Techniques for writing secure and heterogeneous web apps
  • From: Etienne Robillard
• [WEB SECURITY] Database Security assessment
  • From: vimala anand
• [WEB SECURITY] Top Ten Web Hacking Techniques of 2008 (Official)
  • From: Jeremiah Grossman
• [WEB SECURITY] "Enterprise Web Application Security Program"... baby steps
  • From: Rafal Los
• [WEB SECURITY] My Web 2.0 top security threats list
  • From: Ofer Shezaf
• Re: [WEB SECURITY] "Enterprise Web Application Security Program"... baby steps
  • From: Dave Ferguson
• [WEB SECURITY] Weekly Web Hacking Incidents update for Feb 25th
  • From: Ofer Shezaf
• [WEB SECURITY] Testing web applications that require client certificates
  • From: Marcin Wielgoszewski
• RE: [WEB SECURITY] Testing web applications that require client certificates
  • From: Eric Rachner
• [WEB SECURITY] Card readers for online banking
  • From: Colin Watson
• [WEB SECURITY] App Firewalls
  • From: Jon Kibler
• [WEB SECURITY] CALL FOR PAPERS: The 4th International Conference for Internet Technology and Secured Transactions (ICITST-2009), Technical Co-Sponsored by IEEE UK/RI Section
  • From: info