| Code-reuse attacks for the web: Breaking cross-site scripting mitigations via script gadgets S Lekies, K Kotowicz, S Groß, EA Vela Nava, M Johns Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications …, 2017 | 73 | 2017 |
| Web Application Obfuscation:’-/WAFs.. Evasion.. Filters M Heiderich, E Nava, G Heyes, D Lindsay alert (/obfuscation/)-’. Syngress, 2010 | 33* | 2010 |
| Abusing internet explorer 8’s XSS filters EV Nava, D Lindsay BlackHat Europe, 2010 | 32* | 2010 |
| Our favorite xss filters and how to attack them EV Nava, D Lindsay BlackHat USA, August, 2009 | 29* | 2009 |
| Breaking xss mitigations via script gadgets S Lekies, K Kotowicz, EV Nava Black Hat USA, 2017 | 6 | 2017 |
| ACS-active content signatures EV Nava PST WEBZINE 0X04, 2006 | 5 | 2006 |
| Html M Heiderich, EAV Nava, G Heyes, D Lindsay Web Application Obfuscation, 13-79, 2011 | 3 | 2011 |
| Methods and systems of providing browser cross-page communication using ports EAV Nava US Patent App. 14/140,962, 2017 | 2 | 2017 |
| CSS: The Sexy Assassin. Talk at the Microsoft Blue Hat conference G Heyes, EV Nava, D Lindsay | 2 | 2008 |
