Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: WS Security
From: Jan Muenther <jan.muenther () nruns com>
Date: Mon, 15 Dec 2008 21:55:37 +0100


If any of you has pointers to some documents that systematically 
point out all the risks and alternative ways to mitigate them it 
would help me a lot.
  
Have you read Brad Hill's stuff on the topic?
http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf
http://seattle.toorcon.org/2007/talks/bradhill.ppt

Cheers,
Jan

-- 
Jan Muenther, CTO Security, n.runs AG


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]