The 15 major web application hacking techniques of 2010 have been compiled at the link below. Please use it as a reference.
http://jeremiahgrossman.blogspot.com/2011/01/final-fifteen-web-hacking-techniques.html
Final Fifteen
- A Twitter DomXss, a wrong fix and something more
- Attacking HTTPS with Cache Injection
- Breaking into a WPA network with a webpage
- Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
- CSS History Hack In Firefox Without JavaScript for Intranet Portscanning
- Cross Site URL Hijacking by using Error Object in Mozilla Firefox
- Evercookie
- HTTP POST DoS
- Hacking Auto-Complete (Safari v1, Safari v2 TabHack, Firefox, Internet Explorer)
- Java Applet DNS Rebinding
- JavaSnoop
- NAT Pinning: Penetrating routers and firewalls from a web page
- Next Generation Clickjacking
- 'Padding Oracle' Crypto Attack (poet, Padbuster, demo, ASP.NET)
- Universal XSS in IE8