XSS

[2008-02-02] An XML based XSS PoC platform >>>

Well, long time no post. Been in hospital. Been busy with college. L [...]

[2007-11-09] XSS for the common good - GreaseMousey >>>

I know I haven't posted anything here for a good while, but that's bec [...]

[2007-07-05] Obfuscated fun >>>

Just thought I'd share the following script vector with you all that I [...]

[2007-07-05] Some evil stuff from sla.ckers >>>

There's such a wealth of new XSS vectors coming out of the work on php [...]

[2007-06-26] HttpOnly cookies in .NET 2.0 >>>

This is a well known trick that I just wanted to share as it is so cru [...]

[2007-06-19] CSRF being used in latest IPB vuln - what about PHP web request? >>>

I was interested to see in a XSS/CSRF exploit the following lines: [...]

[2007-06-15] .NETIDS can now detect fragmented XSS >>>

Today I made some large commits to the .NETIDS project to enable detec [...]

[2007-06-13] Firefox nested comment fragmented XSS >>>

Following on from a post on sla.ckers it emerges that Firefox has a vu [...]

[2007-05-24] (C)SRF one-time token bypass using AJAX and XSS >>>

This morning I knocked up some proof of concept code to illustrate the [...]

[2007-05-20] RSnake + Jeremiah Grossman's Book Released >>>

ha.ckers are reporting that their book on Cross Site Scripting has fin [...]

[2007-05-19] XSF: Cross Site Flashing >>>

Stefano Di Paola presented an interesting paper on Flash security at O [...]

[2007-05-16] MOSEB month of search engine bugs >>>

Purpose of this Month of Bugs is a demonstration of real state with s [...]

[2007-05-16] XSS in eXceSS: A "learn-XSS tool" >>>

kishord today presents a tool, called XSS in eXceSS and hosted by .mar [...]

[2007-05-16] XSS Cheat Sheet >>>

Just a quick note to point out this invaluable resource for those inte [...]

[2007-05-15] Bypass ASP.NET XSS Protection in Internet Explorer >>>

ASP.NET comes preloaded with some default XSS protection which is actu [...]

[2007-05-15] JavaScript Referer Scripts XSS Injection >>>

Many sites use JavaScript methods to inject a hidden form field into 4 [...]

[2007-05-15] Firefox XBL-JS Loader v1.0 >>>

Today I wrote a simple tool to illustrate the binding of a Javascript [...]

posts by month

March 2010  December 2009  October 2009  August 2009  June 2009  April 2009  February 2009  January 2009  December 2008  November 2008  October 2008  September 2008  July 2008  April 2008  March 2008  February 2008  November 2007  September 2007  July 2007  June 2007  May 2007 

recent posts

sshsplit: a dynamic tunnel multiplexer
Fixing scp completion in Ubuntu 9.10
Workaround for Ubuntu Karmic Koala resume problems
Audio Log Anonymizer v1.0 beta
What printer for Linux or Ubuntu?
Using mod_mono with mod_rewrite under apache2 on Linux
Installing Office 2007 on wine 1.1.24
Kubuntu 9.04 Upgrade Problem Resolution
FTP URL FastSnap Parsing in .NET

posts by category

.NET
CSRF
JavaScript
PHP
Site
SSImp
Uncategorized
WebSec
XSS