HackDig : Dig high-quality web security articles for hacker

Top 10 Web Hacking Techniques of 2015

2016-01-12 16:40

With 2015 coming to a close, the time comes for us to pay homage to top tier security researchers from the past year and properly acknowledge all of the hard work that has been given back to the infosec community. We do this through a nifty yearly process known as The Top 10 Web Hacking Techniques. Every year the security community produces a stunning number of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile platform equivalents. Beyond individual vulnerabilities with CVE numbers or system compromises, we are solely focused on new and creative methods of Web-based attack. Now in its ninth year, the Top 10 Web Hacking Techniques list encourages information sharing, provides a centralized knowledge base, and recognizes researchers who contribute excellent research. Past Top 10s and the number of new attack techniques discovered in each year: 2006 (65), 2007 (83), 2008 (70), 2009 (82), 2010 (69), 2011 (51), 2012 (56), 2013 (31), and 2014 (46).

The vulnerabilities and hacks that make this list are chosen by the collective insight of the infosec community.  We rely 100% on nominations, either your own or for another researcher, for an entry to make this list.

Phase 1: Open community submissions [Jan 11-Jan 22]

Comment this post with your submissions from now until Jan 30. The submissions will be reviewed and verified.

Phase 2: Open community voting for the final 15 [Jan 23-Feb 1]
Each verified attack technique will be added to a survey which will be linked below on Feb 2. The survey will remain open until Feb 20. Each attack technique (listed alphabetically) receives points depending on how high the entry is ranked in each ballot. For example, an entry in position #1 will be given 15 points, position #2 will get 14 points, position #3 gets 13 points, and so on down to 1 point. At the end all points from all ballots will be tabulated to ascertain the top 15 overall.

Phase 3: Panel of Security Experts Voting [Feb 1-Mar 8]

From the result of the open community voting, the final 15 Web Hacking Techniques will be ranked based on votes by a panel of security experts. (Panel to be announced soon!) Using the exact same voting process as Phase 2, the judges will rank the final 15 based on novelty, impact, and overall pervasiveness. Once tabulation is completed, we’ll have the Top 10 Web Hacking Techniques of 2014!

Prizes [to be announced]

The winner of this year’s top 10 will receive a prize!

We will be updating this post with nominations as they are received and vetted for relevance.


Source: /5102-fo-seuqinhcet-gnikcah-bew-01-pot/moc.cestahetihw.golb

“Top 10 Web Hacking Techniques of 2015”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud