
Paper: Cross-Site Request Forgery: the Sea Surf

Written by Nexus, PlayHack.net

Saturday, 3 November 2007

This is an interesting read about CSRF attacks, covering the difference between XSS and CSRF, attack points and possible prevention solutions. Code examples are provided.



Paper: Preventing Cross-Site Request Forgery (CSRF)

Written by Nexus, PlayHack.net

Friday, 2 November 2007

Our friend Nexus has written a fresh and very interesting paper on how to prevent CSRF attacks.



Paper: The Cross Site Scripting (XSS) FAQ

Written by Robert Auger, CGISecurity.com

Wednesday, 31 October 2007

The best FAQ about cross-site scripting. Questions and answers on identification, threats, and prevention, with examples and links. A must-read if your site has been attacked through XSS.



Paper: A PoC of a cross webmail worm (XWW), called "Nduja connection"

Written by Rosario Valotta

Friday, 13 July 2007

A PoC of the first cross webmail worm (XWW) called "Nduja connection". This paper is a very interesting read, supported by a very nice video demonstration of the worm.



Paper: HTML Code Injection and Cross-Site Scripting

Written by Gunter Ollmann - Technicalinfo.net

Monday, 21 May 2007

In this paper, Gunter Ollmann provides an analytical explanation of HTML code injection and XSS. A great technical paper for an in-depth understanding of the cause and effect of XSS vulnerabilities.



Paper: Cross-Site Scripting for Fun and Profit

Written by Nexus, PlayHack.net

Thursday, 17 May 2007

In this paper, Nexus explains what XSS is and presents exploitation techniques for each type of XSS vulnerability: DOM-based, non-persistent, and persistent. He also provides information on possible XSS prevention solutions.


