Some of my published white papers in chronological order.
Practical introduction to PGP, explains basic of PGP with some real world examples.
A Highly detailed document about attacking and defending wireless network.
The most comprehensive SQL Injection Cheat Sheet, includes lots of detailed information about SQL injection methods and covers several different databases. Translated into Japanese, Published in "Hacker Japan" Issue 05.2007.
Cutting edge research about exploitation of XSS vulnerabilities. Explains the implementation and idea of tunnelling HTTP traffic through XSS channels to bypass several restrictions and gain a total control over the victim's session.
A new way to exploit Blind SQL Injections which allows attacker to get 16+ different answers at a time from Blind SQL Injections instead of 2 (true or false). Also it's implemented in BSQL Hacker.
A new attack vector against web applications and databases. Affects more than 70% of web applications with an MS SQL Server database. This attack is now documented in the OWASP Testing Guide v3 as well.
Quite comprehensive FAQ for common SSL implementation security pitfalls.