Top 10 Web Hack Techniques

Every year the security community produces a stunning number of new Web hacking techniques, published in white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. No one can forecast what new hack technique will be discovered next month. Our Internet, Web sites and Web-based businesses are under threat from unknown attacks. The current solutions of the "Circum Security Products + Web" kind have not been enough!

2009
1、Creating a rogue CA certificate
2、HTTP Parameter Pollution (HPP)
3、Flickr's API Signature Forgery Vulnerability (MD5 extension attack)
4、Cross-domain search timing
5、Slowloris HTTP DoS
6、Microsoft IIS 0-Day Vulnerability Parsing Files (semi‐colon bug)
7、Exploiting unexploitable XSS
8、Our Favorite XSS Filters and how to Attack them
9、RFC1918 Caching Security Issues
10、DNS Rebinding (3-part series: Persistent Cookies, Scraping & Spamming, and Session Fixation)

 
