Code-reuse attacks for the web: Breaking cross-site scripting mitigations via script gadgets S Lekies, K Kotowicz, S Groß, EA Vela Nava, M Johns Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications …, 2017 | 73 | 2017 |
Web Application Obfuscation:’-/WAFs.. Evasion.. Filters M Heiderich, E Nava, G Heyes, D Lindsay alert (/obfuscation/)-’. Syngress, 2010 | 33* | 2010 |
Abusing internet explorer 8’s XSS filters EV Nava, D Lindsay BlackHat Europe, 2010 | 32* | 2010 |
Our favorite xss filters and how to attack them EV Nava, D Lindsay BlackHat USA, August, 2009 | 29* | 2009 |
Breaking xss mitigations via script gadgets S Lekies, K Kotowicz, EV Nava Black Hat USA, 2017 | 6 | 2017 |
ACS-active content signatures EV Nava PST WEBZINE 0X04, 2006 | 5 | 2006 |
Html M Heiderich, EAV Nava, G Heyes, D Lindsay Web Application Obfuscation, 13-79, 2011 | 3 | 2011 |
Methods and systems of providing browser cross-page communication using ports EAV Nava US Patent App. 14/140,962, 2017 | 2 | 2017 |
CSS: The Sexy Assassin. Talk at the Microsoft Blue Hat conference G Heyes, EV Nava, D Lindsay | 2 | 2008 |