| WOOT '07 | Flayer: Exposing Application Internals | Will Drewry, Tavis Ormandy |
| WOOT '07 | Exploiting Concurrency Vulnerabilities in System Call Wrappers | Robert N. M. Watson |
| WOOT '07 | The ND2DB Attack: Database Content Extraction Using Timing Attacks on the Indexing Algorithms | Ariel Futoransky, Damián Saura, Ariel WaissbeinCore Security Technologies |
| WOOT '07 | Billing Attacks on SIP-Based VoIP Systems | Ruishan Zhang, Xinyuan Wang, Xiaohui Yang, Xuxian Jiang |
| WOOT '07 | BlueSniff: Eve Meets Alice and Bluetooth | Dominic Spill, Andrea Bittau |
| WOOT '07 | Toward Undetected Operating System Fingerprinting | Lloyd G. Greenwald, Tavaris J. Thomas |
| WOOT '07 | Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms | Matt Van Gundy, Davide Balzarotti, Giovanni Vigna |
| WOOT '07 | An Encrypted Exploit Payload Protocol and Target-Side Scripting Engine | Dino A. Dai Zovi |
| WOOT '07 | Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters | Christoph Karlberger, Günther Bayler, Christopher Kruegel, Engin Kirda |
