I suggest taking a look at OWASP's top ten list: http://www.owasp.org/index.php/Top_10_2007
----- Original Message ----
From: Deeþàn Chakravarthÿ <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]; [email protected]
Sent: Monday, July 23, 2007 11:20:14 AM
Subject: [Full-disclosure] Am I missing anything ?

Hi All,
Just wondered if I am missing anything important. Am planning to give talk on web security. Is there any other technique other than the following I have to speak about ?

1) XSS
2) CSRF
3) SQL Injection
4) AJAX/JSON hijacking
5) HTTP response splitting
6) RFI
7) CRLF
8) MITM

Thanks
Deepan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
