| Pentestmonkey.net - MSSQL injection cheat sheet |
| Document Version 1.4 - SQL Injection Cheat Sheet |
| EvilSQL cheatsheet |
| Esp: for filter evasion - RSnake SQL injection cheatsheet |
| Mediaservice.net -SQLi Cheatsheet |
| MySQL injection cheat sheet |
| Full MSSQL injection PWNage |
| MS Access SQL injection cheat sheet |
| MS Access SQL injection cheatsheet-2 |
| Penetration testing - Access SQL injection |
| Testing for MS Access - a part of OWASP Testing Guide v3 |
| The complete guide to SQL injections |
| Obfuscated SQL injection attacks |
| Exploiting hard filtered SQL injections |
| SQL injection attack |
| LayerOne 2009-video - Advanced SQL Injection |
| SQLi - Advanced SQL injection L1 2009.pdf (application/pdf Object) |
| DojoSec monthly briefings -Feb2009 - SQL injection |
| WebApp security forum - Obfuscation : SQL filter evasion |
| Sqli2.pdf (application/pdf Object) |
| SQLTeam.com - SQL server version |
| Overlooked SQL injection 20071021.pdf (application/pdf Object) |
| SQLInjectionCommentary20071021.pdf (application/pdf Object) |
| Bypassing upload file type -Google search |
| Adobe responds... sort of |
| Secure file upload in PHP WebApp |
| Perishable press -Stupid htaccess tricks> |
| Tricks and tips - Bypassing image uploaders> |
| FCKeditor - Security FCKeditor ADS file upload vulnerability -Windows only> |
| Cross Site Scripting scanner -Free XSS security scanner |
| Security Advisories -VUPEN/ADV-2009-3634 -MS IIS file extension processing security bypass vulnerability/exploit |
| MS ASP.NET file field control - Uploading files using the file field control> |
| TangoCMS -Security #237 - File upload filter bypass in TangoCMS <='2.5.0 |
| Zeroboard file upload & extension bypass vulnerability |
| GNUcitizen - Cross-site file upload attacks |
| Script file upload security bypass vulnerability |
| FileUploadSecurity - SH/SC wiki |
| LFI Fuzzing |
| Exploiting PHP file inclusion weblog |
| LFI..code exec..remote root! |
| Neohapsis labs - Local file inclusion |
| DigiNinja - When all you can do is read |
| CVE-2010-2861 - ColdFusion directory traversal FAQ |
| Attacking ColdFusion |
| Attacking ColdFusion |
| HP blog hub -Adobe ColdFusion's directory traversal disaster |
| 254 ShlomyGantz August2009 - HackProofingColdFusion.pdf (application/pdf Object) |
| Adobe XML - Adobe XML injection Metasploit module |
| Computer Security Blog: PR10-08 -Various XSS and information disclosure flaws within Adobe ColdFusion administration console |
| Anatomy of Cross Site Scripting |
| Whitepapers - technicalinfo.net |
| Tales from the crypto - Cross-Site Scripting (XSS) no script required |
| InterN0T -Cross Site Scripting - attack and defense guide |
| BlackHat-EU-2010 -Lindsay-Nava-IE8-XSS-Filters-slides.pdf (application/pdf Object) |
| Sirdarckcat - Our favorite XSS filters and how to attack them |
| Filter evasion - Houdini on the wire |
| HTML5 - HTML5 security cheatsheet |
| XSS - Cross Site Scripting |
| XSS info - Web application security forum |
| Web application security consortium- articles - DOM based Cross Site Scripting or XSS of the third kind |
| 12robots.com - What's possible with XSS? |
| Onapsis|research labs - Holistic ERP security |
| MARC - Patch for SAP-passwords :BCODE & PASSCODE |
| SAP exploits - Phenoelit SAP exploits |
| David Robert's blog - Lotus notes/domino security |
| Lotus penetration testing - Re: Lotus notes |
| SecTechno - Hacking Lotus domino |
| Hacking JBoss - Whitepaper-Hacking-jBoss-using-a-Browser.pdf (application/pdf Object) |
| Minded security blog - Good bye critical Jboss 0day |
| Hideaway.net - Hacking Oracle application servers |
| OWASP - Testing for Oracle |
| Ngssoftware.com - OraScan |
| Database security - NGSSQuirreL for Oracle |
| Ngssoftware -papers - Hpoas.pdf (application/pdf Object) |
| Module browser - Metasploit penetration testing framework |