Cool 10,000 foot overview of web application vulnerability assessment. Clearly written and concise.
A really well thought through attack on HTML sanitizers.
El Reg has a good article on spear-phishing developers to get access to back end tools. This is why the vulnerability analysts tell you to decommission old test systems.
Nice into to blind SQL injection.
That’s the news, folks. Have a good Labor Day!