WordPress security: an analysis based on publicly available exploits
[1] Carlos M. da Fonseca, et al. A Practical Experience on the Impact of Plugins in Web Security, 2014, 2014 IEEE 33rd International Symposium on Reliable Distributed Systems.
[2] Girdhari Singh, et al. Static analysis approaches to detect SQL injection and cross site scripting vulnerabilities in web applications: A survey, 2014, International Conference on Recent Advances and Innovations in Engineering (ICRAIE-2014).
[3] Al-Sakib Khan Pathan, et al. A Detailed Survey on Various Aspects of SQL Injection in Web Applications: Vulnerabilities, Innovative Attacks, and Remedies, 2013, Int. J. Commun. Networks Inf. Secur.
[4] Christopher Krügel, et al. Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner, 2012, USENIX Security Symposium.
[5] Pavol Zavarsky, et al. An Analysis of Black-Box Web Application Security Scanners against Stored SQL Injection, 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.
[6] Matthew Finifter. Exploring the Relationship Between Web Application Development Tools and Security, 2011, WebApps.
[7] Engin Kirda, et al. Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications, 2011, Financial Cryptography.
[8] Marco Vieira, et al. The Web Attacker Perspective - A Field Study, 2010, 2010 IEEE 21st International Symposium on Software Reliability Engineering.
[9] Giovanni Vigna, et al. Why Johnny Can't Pentest: An Analysis of Black-Box Web Vulnerability Scanners, 2010, DIMVA.
[10] John C. Mitchell, et al. State of the Art: Automated Black-Box Web Application Vulnerability Testing, 2010, 2010 IEEE Symposium on Security and Privacy.
[11] Marco Vieira, et al. Using web security scanners to detect vulnerabilities in web services, 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.
[12] Mei Junjin, et al. An Approach for SQL Injection Vulnerability Detection, 2009, 2009 Sixth International Conference on Information Technology: New Generations.
[13] Ehud Gudes, et al. DIWeDa - Detecting Intrusions in Web Databases, 2008, DBSec.
[14] Konstantinos Kemalis, et al. SQL-IDS: a specification-based approach for SQL-injection detection, 2008, SAC '08.
[15] V. N. Venkatakrishnan, et al. CANDID: preventing sql injection attacks using dynamic candidate evaluations, 2007, CCS '07.
[16] Mark Curphey, et al. Web application security assessment tools, 2006, IEEE Security & Privacy.
[17] Zhendong Su, et al. The essence of command injection attacks in web applications, 2006, POPL '06.
[18] Alessandro Orso, et al. A Classification of SQL-Injection Attacks and Countermeasures, 2006.
[19] Alessandro Orso, et al. AMNESIA: analysis and monitoring for NEutralizing SQL-injection attacks, 2005, ASE.
[20] Bruce W. Weide, et al. Using parse tree validation to prevent SQL injection attacks, 2005, SEM '05.
[21] R.A. McClure, et al. SQL DOM: compile time checking of dynamic SQL statements, 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005.
[22] Yannis Smaragdakis, et al. JCrasher: an automatic robustness tester for Java, 2004, Softw. Pract. Exp.
[23] Angelos D. Keromytis, et al. SQLrand: Preventing SQL Injection Attacks, 2004, ACNS.
[24] D. T. Lee, et al. Securing web application code by static analysis and runtime protection, 2004, WWW '04.
[25] L. Lutter. Top Ten List, 2002, Foot & ankle international.