Main navigation | Main content
Candidate main reading:
Mikhail Shcherbakov, Musard Balliu, and Cristian-Alexandru Staicu.
“Silent Spring: Prototype Pollution Leads to Remote Code
Execution in Node.js”.
In USENIX Security Symposium, August 2023.
[USENIX]
Main reading for Thursday, March 14th:
Marco Squarcina, Pedro Adão, Lorenzo Veronese, and Matteo Maffei.
“Cookie Crumbles: Breaking and Fixing Web Session
Integrity”.
In USENIX Security Symposium, August 2023.
[USENIX]
Candidate main reading:
Feras Al-Kassar, Luca Compagna, and Davide Balzarotti.
“WHIP: Improving Static Vulnerability Detection in Web
Application by Forcing tools to Collaborate”.
In USENIX Security Symposium, August 2023.
[USENIX]
Main reading for Tuesday, March 12th:
Cem Topcuoglu, Kaan Onarlioglu, Bahruz Jabiyev, and Engin Kirda.
“Untangle: Multi-Layer Web Server Fingerprinting”.
In Network and Distributed Systems Security Symposium (NDSS),
February 2024.
[NDSS]