Top Ten Web Hacking Techniques 2011

Está disponível a versão de 2011:

https://www.whitehatsec.com/resource/grossmanarchives/12grossmanarchives/022112topten2011.html

O top 10:

1. BEAST (by: Thai Duong and Juliano Rizzo)
2. Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java (by: Johannes Dahse)
3. DNS poisoning via Port Exhaustion (by: Roee Hay and Yair Amit)
4. DOMinator – Finding DOMXSS with dynamic taint propagation (by: Stefano Di Paola)
5. Abusing Flash-Proxies for client-side cross-domain HTTP requests (by: Martin Johns and Sebastian Lekies)
6. Expression Language Injection (by: Stefano Di Paola and Arshan Dabirsiaghi)
7. Java Applet Same-Origin Policy Bypass via HTTP Redirect (by: Neal Poole)
8. CAPTCHA Hax With TesserCap (by: Gursev Kalra)
9. Bypassing Chrome’s Anti-XSS filter (by: Nick Nikiforakis)
10. CSRF: Flash + 307 redirect = Game Over (by: Phillip Purviance)