<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Luca<div><br></div><div>As per telephone discussion here are a selection of pages from OWASP (there are links to related articles at the bottom):</div><div><br></div><div><b>Parameter attacks </b></div><div> <a href="https://www.owasp.org/index.php/Web_Parameter_Tampering">https://www.owasp.org/index.php/Web_Parameter_Tampering</a></div><div> <a href="https://www.owasp.org/index.php/Argument_Injection_or_Modification">https://www.owasp.org/index.php/Argument_Injection_or_Modification</a></div><div> <a href="https://www.owasp.org/index.php/Unicode_Encoding">https://www.owasp.org/index.php/Unicode_Encoding</a></div><div><br></div><div><b>Injection attacks</b></div><div> <a href="https://www.owasp.org/index.php/SQL_Injection">https://www.owasp.org/index.php/SQL_Injection</a></div><div> <a href="https://www.owasp.org/index.php/LDAP_injection">https://www.owasp.org/index.php/LDAP_injection</a></div><div><br></div><div>Here is the attack page of the OWASP site - <a href="https://www.owasp.org/index.php/Category:Attack">https://www.owasp.org/index.php/Category:Attack</a></div><div><br></div><div>Mark</div><div><br></div></body></html>