We're nearing the completion of the WASC Threat Classification v2 (2 sections left!) and have added the following new sections since my last couple of posts.

• Null Byte Injection
• Integer Overflows

We've also heavily updated the following sections

• Buffer Overflows (in depth discussion of heap vs stack vs integer overflows)
• SQL Injection (added SQL Injection in stored procedures)

Additionally I've added the following sections outlining The Threat Classification's Evolution, as well as a section on Using the Threat Classification.

A more complete picture can be found on our working wiki at http://projects.webappsec.org/Threat-Classification-Working