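Source: Evil Octal Information Security Team (www.eviloctal.com)
I came across these while sorting through my mailbox the other day: some new papers from WatchFire. They can all be downloaded from the homepage, so I won't upload them and am just reposting the list. I have only studied this one, Blind XPath Injection, in depth; I have read through all the others, and they are much the same.
(PS: The white papers WatchFire publishes are still quite valuable.)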
Cross-Site Scripting Explained
http://www.watchfire.com/resources/css-explained.pdf
Hacking Web Applications Using Cookie Poisoning
http://www.watchfire.com/resourc ... ookie-poisoning.pdf
Brown University 2005 E-Government Study
http://www.watchfire.com/resources/egovt05us.pdf
The Future of eGovernment
http://www.watchfire.com/resources/future-egov.pdf
Security and Regulatory Compliance: Don't Forget Your Intranet
http://www.watchfire.com/resources/IDCViewpoint-Intranets.pdf
Responsible for a Financial Services Website? What Every Executive Needs to Know About Website Security
http://www.watchfire.com/resourc ... in-serv-website.pdf
Addressing Challenges in Application Security
http://www.watchfire.com/resourc ... in-App-Security.pdf
HTTP Request Smuggling
http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf
Privacy Trust Survey for Online Banking Report
http://www.watchfire.com/resources/privacy-survey.pdf
Compliance in an Online Environment
http://www.watchfire.com/resourc ... ine-environment.pdf
Blind XPath Injection
http://www.watchfire.com/resources/blind-xpath-injection.pdf
HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics Whitepaper
http://www.watchfire.com/resources/HTTPResponseSplitting.pdf
Developing and Deploying Secure Web Applications
http://www.watchfire.com/resources/developingsecurewebapps.pdf