1 |
Anderson, Richard, et al., Professional ASP.NET 1.0, Wrox Press, 2002.
|
2 |
Coordination Center, Understanding Malicious Content Mitigation for Web Developers,
CERT Coordination Center, Carnegie Mellon University, Pittsburgh PA 15213-3890, USA, 2000.
|
3 |
Ollmann, Gunter, Understanding the cause and effect of CSS (XSS) Vulnerabilities, http://www.technicalinfo.net/papers/CSS.html
|
4 |
W. Halfond and A. Orso, Combining Static Analysis and Runtime Monitoring to Counter SQLInjection Attacks, Proceedings of the Third International ICSE Workshop on Dynamic Analysis, WODA 2005.
|
5 |
W. Halfond and A. Orso, AMNESIA: Analysis and Monitoring for Neutralizing SQL-Injection Attacks, Proceedings of the IEEE and ACM International Conference on Automated Software Engineering, ASE 2005.
|
6 |
Rabek, Jesse C., et al, Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code, Defense Advanced Project Agency (DARPA), Copyright Association for Computing Machinery, ACM, 2003.
|
7 |
Huang, Yao-Wen, et al, Securing Web Application Code by Static Analysis and Runtime Protection,
New York, New York, USA, 2004.
|
8 |
Jerry Lee Ford, Jr and William R. Stanek, Increase Your Web Traffic, fourth edition, Thomson
Course Technology, 2006.
|
9 |
Joel Scramby, Mike Shema and Caled Sima, Hacking Web Applications Exposed, second edition,
The McGraw-Hill Companies, 2006, pp.238.
|
10 |
Stuart McClure, Joel Scramby and George Kurtz, Hacking Exposed, Network Security Secrets &
Solutions, fifth edition, The McGraw-Hill Companies, 2005, pp.581-582.
|
11 |
Hackademix website-http://hackademix.net/2007/08/12/united-nations-vs-sql-injections/
|
12 |
Coordination Center, Advisory CA-2000-02, Malicious HTML Tags Embedded in
Client Web Requests, CERT Coordination Center, Carnegie Mellon University, Pittsburgh PA 15213-3890, USA, 2000.
|
13 |
OWASP.org, the OWASP Top Ten is a list of vulnerabilities that require immediate remediation,
http://www.owasp.org/documentation/topten/introduction.html
|
14 |
SPI Dynamics Inc, SQL Injection White Paper, SPI Dynamics Inc., 2002.
|
15 |
Advisees Consulting Group, Writing Secure Web Applications, Advisees Consulting Group, 2004.
|
16 |
Duffy, Kevin, et al., Professional JSP Site Design, Wrox Press, 2001.
|