Ch 2a: SOAP Examples
Ch 3a: RESTful Resource Naming Ch 3b: SOAP Examples Ch 3c: HTML form enctype Attribute Ch 3d: Microsoft Edge Browser won't support ActiveX, VBScript, other Internet Explorer features Ch 3e: VBScript is no longer supported in IE11 edge mode (Windows) Ch 3f: JavaScript HTML DOM Ch 3g: DOM example Ch 3h: Map; example of Ajax Ch 3i: Simple Google Maps API Example - Jayway Ch 3k: XMLHttpRequest - Wikipedia Ch 3l: HTTP Status Dogs
Ch 4a: Using Burp Spider Ch 4b: How To Burp -- Slides from David Brown Ch 4c: Web Common Directories and Filenames - Word Lists Collection Ch 4d: GitHub - spinkham/skipfish: Web application security scanner created by lcamtuf for google - Unofficial Mirror Ch 4e: Skipfish project instructions Ch 4f: OWASP DirBuster Project Ch 4g: GitHub - sensepost/wikto Ch 4h: httprecon project - advanced http fingerprinting Ch 4i: Electronic & Transactional Content Management | OpenText, Vignette Ch 4j: httprint download (from 2005) Ch 4k: Web Application Fingerprint (OWASP-IG-004) Ch 4l: How to use Httprint on Kali Linux Ch 4m: Using HTTP Methods (GET, POST, PUT, etc.) in Web API Ch 4n: OWASP DirBuster -- Replaced by Zed Attack Proxy Ch 4o: OWASP Zed Attack Proxy
Ch 5a: HTTP ETag - Wikipedia Ch 5b: JavaScript Form Validation Ch 5c: Serialization - Wikipedia Ch 5d: JAVA De-serialization: It can't get any simpler than this !! Ch 5e: WCF Binary Soap Plug-In for Burp (for Silverlight) Ch 5f: JAD Java Decompiler Download Mirror Ch 5g: Flasm Flash decompiler Ch 5h: Flare Flash decompiler Ch 5i: WebInspect: Dynamic Analysis, DAST, Penetration Testing Tools | Hewlett Packard Enterprise Ch 5j: .NET Decompiler: Decompile Any .NET Code | .NET Reflector Ch 5k: Code refactoring - Wikipedia Ch 5l: Java Optimize and Decompile Environment (JODE) Ch 5m: JavaSnoop Download Ch 5n: Hacking Java Applications using JavaSnoop - InfoSec Resources
Ch 6a: Microsoft Passport and Windows Hello Ch 6b: Obama's Internet Plan Sounds an Awful Lot Like a National Internet ID (from 2011) Ch 6c: How Weev's prosecutors are making up the rules (2013) Ch 6d: Errata Security: AT&T provides free user information yet again Ch 6e: Secret Microsoft policy limited Hotmail passwords to 16 characters (2012) Ch 6f: Basic access authentication - Wikipedia Ch 6g: Digest access authentication - Wikipedia
Ch 7a: ASP.NET View State Overview Ch 7b: Samy Kamkar - phpwn: Attack on PHP Sessions and Random Numbers Ch 7c: How to fix a website with blocked mixed content Ch 7d: HttpOnly - OWASP Ch 7e: PHP: setcookie - Manual Ch 7f: [WEB SECURITY] Technical Note by Amit Klein: "Path Insecurity" Ch 7g: HTTP Strict Transport Security Cheat Sheet - OWASP Ch 7h: Usage Statistics of HTTP Strict Transport Security for Websites Ch 7i: Bypassing HSTS or HPKP in Chrome is a badidea Ch 7l: X-XSS-Protection - HTTP | MDN Ch 7j: Hack Yourself First: FREE COURSE -- HIGHLY RECOMMENDED Ch 7k: I figured out a way to hack any of Facebook's 2 billion accounts, and they paid me a $15,000 bounty
Ch 8a: IBM Knowledge Center - HTTP session manager troubleshooting tips Ch 8b: Vulnerable USA Colleges
Ch 9a: escaping - How to escape apostrophe (') in MySql? Ch 9b: javascript - Which Logic Operator Takes Precedence
Ch 10a: Microsoft retires Filemon and Regmon from Sysinternals
Ch 12w: Memory Forensics: Mandiant Redline Ch 12x: Forensic Investigation with Redline Ch 12a: apache.org incident report for 04/09/2010 Ch 12b: MySpace Worm Explanation Ch 12c: StrongWebmail CEO's mail account hacked via XSS Ch 12d: Two XSS Worms Slam Twitter Ch 12e: Null Byte Injection in PHP Ch 12f: Window atob() Method Ch 12g: Saying goodbye to ActiveX, VBScript, attachEvent-- | Microsoft Edge Dev Blog Ch 12h: Javascript Packer Ch 12i: Why were Javascript `atob()` and `btoa()` named like that? - Stack Overflow
Ch 13a: About IFRAME and clickjacking Ch 13b: AJAX Introduction Ch 13C: XMLHttpRequest Demo Ch 13d: HTTP Response Splitting - OWASP Ch 13e: Report: Microsoft Edge leaks private browsing data locally Ch 13f: Privacy and the :visited selector Ch 13g: The power of DNS rebinding: stealing WiFi passwords with a website Ch 13h: GitHub - taviso/rbndr: Simple DNS Rebinding Service Ch 13i: rbndr.us dns rebinding service Ch 13j: Dear developers, beware of DNS Rebinding