References
- https://html5sec.org/
- TrandLabs, HTML5 OVERVIEW, TrendMICRO, 2011
- Shreeraj Shah, HTML5 Top 10 Threats Stealth Attacks and Silent Exploits, Blackhat EU, 2012
- KISA, HTML5 개발자를 위한 정보보호 안내서, Dec 2014.
- Paul Stone, Next Generation Clickjacking, Blackhat EU, 2010
- http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html
- https://html5sec.org/keylogger/
- Vulnerability Summary for CVE-2011-3663, NVD, https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3663
- M. Heiderich, Scriptless attacks Stealing more pie without touching the sill, Journal of Computer Security, p.567-599, July 2014.
- andlabs, JS-RECONHTML5 based JavaScript Network Reconnaissance Tool, http://www.andlabs.org/tools/jsrecon.html
- http://www.w3.org/TR/IndexedDB/
- andlabs, Chrome and Safari users open to stealth HTML5 AppCache attack, http://blog.andlabs.org/2010/06/chrome-and-safari-users-open-to-stealth.html, June 2010.
- Kuppan, Attacking with HTML5, Blackhat, 2010
- Feross Aboukhadijeh, Introducing the HTML5 Hard Disk FilleTM API,http://feross.org/fill-disk/, Feb 2013.