Mario Heiderich
TitoloCitata daAnno
All your clouds are belong to us: security analysis of cloud management interfaces
J Somorovsky, M Heiderich, M Jensen, J Schwenk, N Gruschka, ...
Proceedings of the 3rd ACM workshop on Cloud computing security workshop, 3-14, 2011
1782011
Scriptless attacks: stealing the pie without touching the sill
M Heiderich, M Niemietz, F Schuster, T Holz, J Schwenk
Proceedings of the 2012 ACM conference on Computer and communicationsá…, 2012
982012
Iceshield: Detection and mitigation of malicious websites with a frozen dom
M Heiderich, T Frosch, T Holz
International Workshop on Recent Advances in Intrusion Detection, 281-300, 2011
702011
Systems and methods for client-side vulnerability scanning and detection
M Heiderich, G Heyes, A Aranguren-Aznarez
US Patent 8,752,183, 2014
562014
mxss attacks: Attacking well-secured web-applications by using innerhtml mutations
M Heiderich, J Schwenk, T Frosch, J Magazinius, EZ Yang
Proceedings of the 2013 ACM SIGSAC conference on Computer & communicationsá…, 2013
552013
Crouching tiger-hidden payload: security risks of scalable vectors graphics
M Heiderich, T Frosch, M Jensen, T Holz
Proceedings of the 18th ACM conference on Computer and communicationsá…, 2011
342011
On the Fragility and Limitations of Current Browser-Provided Clickjacking Protection Schemes.
S Lekies, M Heiderich, D Appelt, T Holz, M Johns
WOOT 12, 2012
322012
Towards elimination of xss attacks with a trusted and capability controlled dom
M Heiderich
na, 2012
282012
Web Application Obfuscation:’-/WAFs.. Evasion.. Filters
M Heiderich, E Nava, G Heyes, D Lindsay
alert (/obfuscation/)-’. Syngress, 2010
222010
The bug that made me president a browser-and web-security case study on helios voting
M Heiderich, T Frosch, M Niemietz, J Schwenk
International Conference on E-Voting and Identity, 89-103, 2011
182011
Scriptless timing attacks on web browser privacy
B Liang, W You, L Liu, W Shi, M Heiderich
2014 44th Annual IEEE/IFIP International Conference on Dependable Systemsá…, 2014
152014
Web Application Obfuscation:'-/WAFs.. Evasion.. Filters//alert (/Obfuscation/)-'
M Heiderich, EAV Nava, G Heyes, D Lindsay
Elsevier, 2010
102010
XSS-FP: Browser fingerprinting using HTML parser quirks
E Abgrall, YL Traon, M Monperrus, S Gombault, M Heiderich, A Ribault
arXiv preprint arXiv:1211.4812, 2012
92012
DOMPurify: Client-side protection against XSS and markup injection
M Heiderich, C Spńth, J Schwenk
European Symposium on Research in Computer Security, 116-134, 2017
82017
Html5 security cheatsheet
M Heiderich
2011-01-22)[2011-11-20]. http://html5sec. org, 2011
82011
Scriptless attacks: Stealing more pie without touching the sill
M Heiderich, M Niemietz, F Schuster, T Holz, J Schwenk
Journal of Computer Security 22 (4), 567-599, 2014
72014
X-frame-options: All about clickjacking
F Braun, M Heiderich
Sep, 2013
52013
How private is your private cloud?: Security analysis of cloud control interfaces
D Felsch, M Heiderich, F Schulz, J Schwenk
Proceedings of the 2015 ACM Workshop on Cloud Computing Security Workshop, 5-16, 2015
22015
Waiting for CSP–Securing Legacy Web Applications with JSAgents
M Heiderich, M Niemietz, J Schwenk
European Symposium on Research in Computer Security, 23-42, 2015
22015
Sichere Webanwendungen: das Praxishandbuch;[sichere PHP-, JavaScript-und Flash-Anwendungen; XSS, CSRF, Remote Code Execution, SQL Injection uvm, Angriffstechniken verstehen undá…
M Heiderich
Galileo Press, 2009
12009
Il sistema al momento non pu˛ eseguire l'operazione. Riprova pi¨ tardi.
Articoli 1–20