Main menu
- Academia-related
- Advanced web application attacks
- DNS X-Ray
- DNS cache poisoning
- Home
- Predictable Javascript Math.Random and HTTP multipart boundary string
- Public appearances
- Recent (non-Academic) Research
- Standards, community, etc.
- Usenix 2019 *extended* paper
- Web application security - the early days
- Web-based virtual machine detection
- XML and SOAP attacks