Web Application Security (thread)

Internet Explorer Download Zones Mix-up leads to XSS, Yair Amit, 2007/12/25
ORACLE pentest sql injection, Zosen Security, 2007/12/23
SyScan'08 Call For Paper/Training, organiser@syscan.org, 2007/12/18
Administrivia: Moderation Policy and Happy Holidays, Andrew van der Stock, 2007/12/15
Re: Abstracting DB Schema from Web Forms, hiltond, 2007/12/15
- Re: Abstracting DB Schema from Web Forms, Serg B, 2007/12/20
ClubHack2007: Presentation are online now, `ClubHack `, 2007/12/15
blocking CSRF attacks, Pawan, 2007/12/12
- Re: blocking CSRF attacks, Jan Heisterkamp, 2007/12/14
  - Re: blocking CSRF attacks, Sverre H. Huseby, 2007/12/15
- Re: blocking CSRF attacks, makkalot, 2007/12/14
- Re: blocking CSRF attacks, Paul Johnston, 2007/12/15
  - RE: blocking CSRF attacks, Boaz Shunami, 2007/12/20
- Re: blocking CSRF attacks, Daniel Weber, 2007/12/14
- Re: FW: blocking CSRF attacks, Paul Johnston, 2007/12/20
  - Re: FW: blocking CSRF attacks, Martin Johns, 2007/12/23
  - Re: FW: blocking CSRF attacks, Amit Klein, 2007/12/23
  - RE: FW: blocking CSRF attacks, Boaz Shunami, 2007/12/23
Black Hat Briefings Call for Papers, jmoss, 2007/12/12
burp suite v1.1 released, PortSwigger, 2007/12/12
[Full-disclosure] httprecon project, Marc Ruef, 2007/12/11
Defining scope of web application pentest, Vishal Garg, 2007/12/08
- RE: Defining scope of web application pentest, Marco M. Morana, 2007/12/08
  - RE: Defining scope of web application pentest (now scope of an annual medical exam), Clement Dupuis, 2007/12/12
    - Re: Defining scope of web application pentest (now scope of an annual medical exam), Andy Steingruebl, 2007/12/14
    - RE: Defining scope of web application pentest (now scope of an annual medical exam), Clement Dupuis, 2007/12/14
    - Re: Defining scope of web application pentest (now scope of an annual medical exam), Andy Steingruebl, 2007/12/14
    - RE: Defining scope of web application pentest (now scope of an annual medical exam), Vishal Garg, 2007/12/14
- Re: Defining scope of web application pentest, Paul Johnston, 2007/12/12
  - RE: Defining scope of web application pentest, Debasis Mohanty, 2007/12/15
- RE: Defining scope of web application pentest, Naveed Ahmed, 2007/12/12
[Security Advisorie] OpenNewsletter v2.5 Multipe XSS Attacks, Sarasa, 2007/12/06
HITBSecConf2007 Malaysia Videos Now Available, Praburaajan, 2007/12/06
The first release of SWFIntruder is out !, Stefano Di Paola, 2007/12/04
Session security with cookies, Till Elsner, 2007/12/04
- Re: Session security with cookies, Paul Johnston, 2007/12/04
- RE: Session security with cookies, Jeffory Atkinson, 2007/12/04
  - Re: Session security with cookies, bugtraq, 2007/12/04
  - Re: Session security with cookies, Thomas, 2007/12/05
    - Re: Session security with cookies, Aaron Katz, 2007/12/05
    - Re: Session security with cookies, Aaron Katz, 2007/12/05
  - Re: Session security with cookies, Vicente Aguilera, 2007/12/05
    - RE: Session security with cookies, WebAppSec, 2007/12/08
- Re: Session security with cookies, Ron, 2007/12/04
  - Message not available
    - Re: Session security with cookies, Scott C. Sanchez, 2007/12/04
    - RE: Session security with cookies, Martin O'Neal, 2007/12/05
  - Re: Session security with cookies, Aaron Katz, 2007/12/04
    - Re: Session security with cookies, Till Elsner, 2007/12/05
    - Re: Session security with cookies, Aaron Katz, 2007/12/05
    - Re: Session security with cookies, Till Elsner, 2007/12/05
    - Re: Session security with cookies, Aaron Katz, 2007/12/05
    - Re: Session security with cookies, Aaron Shelmire, 2007/12/08
    - Re: Session security with cookies, Eduardo Tongson, 2007/12/08
    - Cryptographically Generated Cookies, Paul Johnston, 2007/12/12
    - Re: Cryptographically Generated Cookies, Andy Steingruebl, 2007/12/14
    - Re: Cryptographically Generated Cookies, Jamie Riden, 2007/12/14
    - RE: Session security with cookies, Martin O'Neal, 2007/12/12
- Re: Session security with cookies, Eduardo Tongson, 2007/12/05