Web Application Security (thread)

Technika - Attack Scripting Environment, pdp (architect), 2007/01/31
Targeted password cracking by exploiting the registration functionality of a web application., Anurag Agarwal, 2007/01/31
[Full-disclosure] 2007 Security OPUS CFP: Closed (Agenda included), Sharkey, 2007/01/31
[Full-disclosure] stompy the session stomper - tool availability, Michal Zalewski, 2007/01/27
- Re: [Full-disclosure] stompy the session stomper - tool availability, Simon Smith, 2007/01/27
- Re: [Full-disclosure] stompy the session stomper - tool availability, Rogan Dawes, 2007/01/28
  - Re: [Full-disclosure] stompy the session stomper - tool availability, Michal Zalewski, 2007/01/28
- Re: [Full-disclosure] stompy the session stomper - tool availability, Michal Zalewski, 2007/01/31
How extract URL-link from flash(.swf) file by PHP?, 김영일, 2007/01/24
- Re: How extract URL-link from flash(.swf) file by PHP?, homegrown, 2007/01/24
  - Re: How extract URL-link from flash(.swf) file by PHP?, Korhan GURLER, 2007/01/25
WASC-Articles: Seeking Guest Writers, robert, 2007/01/23
EUSecWest 2007 Papers, Dragos Ruiu, 2007/01/18
Cross Domain Ajax Sniffer - Proof of concept, Anurag Agarwal, 2007/01/17
Announcement: The Cross-site Request Forgery FAQ, bugtraq, 2007/01/16
Fwd: SF new column announcement: PHP apps - Security's Low-Hanging Fruit, Andrew van der Stock, 2007/01/09
Re: [WEB SECURITY] Using .htaccess to protect from XSS attacks, RSnake, 2007/01/09
QASEC Announcement: Writing Software Security Test Cases, bugtraq, 2007/01/09
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities, Stefano Di Paola, 2007/01/03
Black Hat New Years Updates (Free Stuff, too!), Jeff Moss, 2007/01/03
Re: Fierce domain scan released, RSnake, 2007/01/02