White Papers
Here you can find various papers that SensePost have written or contributed to over the ages.
It's all about the timing
In 2007 SensePost presented a paper at BlackHat USA that introduced new
techniques and applications to aid in executing timing attacks against
web applications. The attack vectors were broad, and included SQL
injection timing attacks as well as client-side browser attacks. With
the increased attention shown to timing issues, we believe an increase
in the number of timing vulnerabilities will be observed in the wild,
and this paper brought timing attacks squarely into the web application
space.
Download the paper (435 kb)
Assessing Internet Security Risk
In 2002 SensePost contributed this 5 part series to Security Focus. The
document gives very practical guidelines for what were then state-of-the-art
security assessment techniques. As the years go by, the document still provides
a very solid background to the industry.
Download the paper (742 kb)
SQL Insertion
One of the first papers ever to investigate the use of SQL insertion, this
paper is now in the top 3 results when doing a Google search for "SQL
insertion". In this paper various SQL insertion tricks are shown and
discussed.
Download the paper (343 kb)
Practical Policies
This 4 part series on the practical implementation of security policies was
first published on Security Focus in 2001. The series was a hit and is now
mirrored everywhere on the Internet.
Download the paper (126 kb)
The Internet as unstable medium
Before the days of phishing and 419 scams, this paper was released as a guest
feature on Security Focus. Published in 2000, this short paper describes the
world of today...
Download the paper (100 kb)
Hackers CookBook
In 2002 SensePost decided to stop the online publication of its Hacker's
Cookbook (then called "Breaking into Computer Networks from the Internet").
Until now, the most current version of the guide was version 3.21. Version
3.21 was very well received in the industry and was listed on numerous sites
as "recommended reading".
Download the paper (21,107 kb)