Web Application Security (thread)

PhD Positions in Language-based Security at Chalmers, Andrei Sabelfeld, 2008/03/31
[Full-disclosure] What's going on about Pangolin, zwell, 2008/03/27
[Full-disclosure] Pangolin v1.2.590 - The best SQL injector you've ever seen, zwell, 2008/03/26
- Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL injector you've ever seen, A. Ramos, 2008/03/26
  - Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL injector you've ever seen, Razi Shaban, 2008/03/26
    - Re: [Full-disclosure] Pangolin v1.2.590 - The best SQL injector you've ever seen, davidrook, 2008/03/26
    - Re: [Full-disclosure] Pangolin v1.2.590 - The best SQLinjector you've ever seen, josh, 2008/03/26
    - Re: [Full-disclosure] Pangolin v1.2.590 - The best SQLinjector you've ever seen, Russ McRee, 2008/03/26
OpenID and the web, Steven Rakick, 2008/03/25
- Re: OpenID and the web, David Wall, 2008/03/25
  - Message not available
    - Re: OpenID and the web, David Wall, 2008/03/25
- Re: OpenID and the web, Adrian Migraso, 2008/03/25
- Re: OpenID and the web, Eric Marden, 2008/03/25
  - Re: OpenID and the web, Babu.N, 2008/03/26
    - Re: OpenID and the web, Razi Shaban, 2008/03/26
    - Re: OpenID and the web, Jeff Robertson, 2008/03/27
    - RE: OpenID and the web, Calderon, Juan Carlos (GE, Corporate, consultant), 2008/03/27
    - Re: OpenID and the web, Lucas Oman, 2008/03/27
    - Re: OpenID and the web, Razi Shaban, 2008/03/27
    - Re: OpenID and the web, David Wall, 2008/03/27
    - Re: OpenID and the web, Jeremiah Cornelius, 2008/03/27
    - RE: OpenID and the web, Chris Grove, 2008/03/27
- Re: OpenID and the web, Pete Jansson, 2008/03/27
  - Re: OpenID and the web, baldr, 2008/03/27
CanSecWest 2008 PWN2OWN - Mar 26-28, Dragos Ruiu, 2008/03/21
[MSA02240108] IE7 allows overwriting of several headers leading to Http request Splitting and smuggling., Minded Security Research Labs, 2008/03/21
[MSA01240108] IE7 Transfer-Encoding: chunked allows Request Splitting/Smuggling., Minded Security Research Labs, 2008/03/21
Release of webshag 1.00!, webshag, 2008/03/20
AW: web application scanning tool - any unsecure demo sites out t here to run them against?, Martin Muench, 2008/03/19
CSRF attack in Firefox, Vishal Garg, 2008/03/18
- Re: CSRF attack in Firefox, Jamie Riden, 2008/03/18
- Re: CSRF attack in Firefox, Ali, Saqib, 2008/03/18
web application scanning tool - any unsecure demo sites out there to run them against?, bigbert007, 2008/03/18
- RE: web application scanning tool - any unsecure demo sites out there to run them against?, Darren Webb, 2008/03/18
  - Re: web application scanning tool - any unsecure demo sites out there to run them against?, bigbert007, 2008/03/18
- RE: web application scanning tool - any unsecure demo sites out there to run them against?, Chris Grove, 2008/03/18
- Fwd: Re: web application scanning tool - any unsecure demo sites out there to run them against?, RUI PEREIRA - WCG, 2008/03/18
  - RE: Re: web application scanning tool - any unsecure demo sites out there to run them against?, Thakrar, Saurabh, 2008/03/18
PHP Security, Greg Song, 2008/03/18
- Re: PHP Security, Eduardo Tongson, 2008/03/18
- Re: PHP Security, Eric Marden, 2008/03/18
  - Re: PHP Security, Greg Song, 2008/03/19
- Re: PHP Security, Greg Song, 2008/03/18
Troopers08 Security Conference, 23/24 April (Munich/Germany), Enno Rey, 2008/03/17
Black Hat Announcements: New CFP system and Japan '08 confirmed, jmoss, 2008/03/15
Plone CMS Security Research: the Art of Plowning, Adrian Pastor, 2008/03/13
AW: post vulnerability scenario, Martin Muench, 2008/03/12
Re: extra dot on domain name gives different site, Javier Fernandez-Sanguino, 2008/03/10
Re: Web Application Security, Javier Fernandez-Sanguino, 2008/03/10
- Re: Web Application Security, Zack Peters, 2008/03/11
  - RE: Web Application Security, Jayaraman, Anand X., 2008/03/11
  - RE: Web Application Security, Ofer Shezaf, 2008/03/12
post vulnerability scenario, davemitch, 2008/03/07