Whitepaper called Dissecting Java Server Faces for Penetration Testing. This paper is divided into two parts. In the first part, the authors discuss the internals of JSF, a Java-based web application framework, and its inherent security model. In the second part, they discuss the security weaknesses and applied security features in JSF. They also flag the security issues present in JSF so that effective penetration testing can be conducted.
Whitepaper called EvilQR – When QR Code Goes Bad. This is a security assessment of mobile QR readers.
Brief whitepaper discussing security improvements that should be implemented in JBoss application server installations.
Whitepaper called JBoss Application Server - Deploying WARs with the DeploymentFileRepository MBean. It explains how to deploy WAR files with the DeploymentFileRepository MBean and how this is even possible with Cross Site Request Forgery (CSRF).
Whitepaper entitled Java 2 Micro Edition (J2ME or Java ME) Based Computer Malware Propagation Technique.
JNLP Security Convergence - A whitepaper discussing security problems in the Java Network Language Protocol.
Whitepaper entitled Cracking String Encrypting in Java Obfuscated Bytecode.
Accessing Java Clients with the BeanShell. This whitepaper goes into detail discussing the assessment of Java applications utilizing the BeanShell.
Blocking Java Applets at the Firewall. Discussion about blocking hostile applets at firewalls.
Java is not type-safe.
The Security of Static Typing with Dynamic Linking.
A Comparison between Java and Active X Security.
Foresight Computer Security Fact Forum. Discussion of the Java Security Model.
Defensive Java Virtual Machine Version 0.5 alpha Release. Built in ACL2.
Experience with Secure Multi-Processing in Java.
Software Assurance for Security.
One of the first papers presented on Java Security.
Work on the Java Type System.
Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2
Implementing Protection Domains in the Java Development Kit 1.2.
Java Security: Weaknesses and Solutions. Early paper on Java security and problems in the VM.
Mobile Code Bibliography. A collection of mobile code publications.
Security Breaches in the JDK 1.1 beta 2 security API.
Java Security: From HotJava to Netscape and Beyond. A classic paper on the security of Java.
Extensible Security Architectures for Java.