Завалить в один запрос: уязвимости веб-приложений, приводящие к DoS.

Lie to Me: Bypassing Modern Web Application Firewalls

Data normalization weaknesses

Hack pra 05-12-blind-xxe

SSRF attacks and sockets: smorgasbord of vulnerabilities

Xxe advanced exploitation

WEB SHELL EVOLUTION & CODE EXECUTION ATTACKS IN WEB APPLICATION

Defcon Russia 7 d0znpp

OpenSSL rands (fork-safe)

ONsec PHDays 2012 XXE incapsulated report

DCG7812 cryptography in webapps 21/08/12

Chaos Construcions 2010 SDRF presentation [ONSEC]

Caro2012 attack large-modern_web_applications

Smuggling splitting poisoning. ZeroNights. ONsec

Distributed computing in browsers as client side attack

Mosaique by Arthur Gerkis @ax330d

Безопасность веб-приложений: основы. Клиентские уязвимости. ONsec.мифи.180212

Nikita Tarakanov. MS11-087. МИФИ 18/02/2012

SSRF workshop

Yandex rewards. ONsec experience