JavaScript

[2008-02-28] Firefox 3 disallows cross-site XBL >>>

Well, I decided to play around a little with Firefox 3 Beta 3 today an [...]

[2007-11-17] IE7 Javascript - modify the DOM without crashing the browser >>>

One of the biggest problems faced when writing Javascript that modifie [...]

[2007-07-05] Obfuscated fun >>>

Just thought I'd share the following script vector with you all that I [...]

[2007-07-05] Some evil stuff from sla.ckers >>>

There's such a wealth of new XSS vectors coming out of the work on php [...]

[2007-07-05] JavaScript internal numerical representations >>>

Whilst working on the next release of .NETIDS I came across some inter [...]

[2007-05-24] (C)SRF one-time token bypass using AJAX and XSS >>>

This morning I knocked up some proof of concept code to illustrate the [...]

[2007-05-21] Bypassing Same Origin Policy using Mash-Ups >>>

GNUCITIZEN has been going on about this for some time now, but the tru [...]

[2007-05-16] XSS in eXceSS: A "learn-XSS tool" >>>

kishord today presents a tool, called XSS in eXceSS and hosted by .mar [...]

[2007-05-15] JavaScript eval String.fromCharCode encoder >>>

Here is a nice tool for encoding JavaScript into eval(String.fromCharC [...]

[2007-05-15] httpOnly Cookie Detection >>>

Admittedly of limited use, here is a JavaScript function I wrote to de [...]

[2007-05-15] Evaluating the security of the JSONRequest object >>>

A proposed extension to the currently supported set of ...Request obje [...]

[2007-05-15] JavaScript Referer Scripts XSS Injection >>>

Many sites use JavaScript methods to inject a hidden form field into 4 [...]

[2007-05-15] Firefox XBL-JS Loader v1.0 >>>

Today I wrote a simple tool to illustrate the binding of a Javascript [...]

posts by month

March 2010  December 2009  October 2009  August 2009  June 2009  April 2009  February 2009  January 2009  December 2008  November 2008  October 2008  September 2008  July 2008  April 2008  March 2008  February 2008  November 2007  September 2007  July 2007  June 2007  May 2007 

recent posts

sshsplit: a dynamic tunnel multiplexer
Fixing scp completion in Ubuntu 9.10
Workaround for Ubuntu Karmic Koala resume problems
Audio Log Anonymizer v1.0 beta
What printer for Linux or Ubuntu?
Using mod_mono with mod_rewrite under apache2 on Linux
Installing Office 2007 on wine 1.1.24
Kubuntu 9.04 Upgrade Problem Resolution
FTP URL FastSnap Parsing in .NET

posts by category

.NET
CSRF
JavaScript
PHP
Site
SSImp
Uncategorized
WebSec
XSS