Cross Site Cookie Manipulation

CVSS: Characterizing and Scoring Vulnerabilities

Acquiring Data with CSS Selectors and Javascript on Time Based Attacks

Why Framework Choice Matters in Web Application Security

Using Session Puzzling to Bypass Two-Factor Authentication

DNSFS: Is it possible to use DNS as a file system?

Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation

Discovering and hacking IoT devices using web-based attacks