Lie to Me: Bypassing Modern Web Application Firewalls
Data normalization weaknesses
Hack pra 05-12-blind-xxe
SSRF attacks and sockets: smorgasbord of vulnerabilities
Xxe advanced exploitation
WEB SHELL EVOLUTION & CODE EXECUTION ATTACKS IN WEB APPLICATION
OpenSSL rands (fork-safe)
ONsec PHDays 2012 XXE incapsulated report
Caro2012 attack large-modern_web_applications
Smuggling splitting poisoning. ZeroNights. ONsec
Distributed computing in browsers as client side attack
SSRF workshop
Yandex rewards. ONsec experience
Dcm#8 elastic search
Proactive approach