Advertisements

Paper: Kr3w's Cross-Site Scripting Tutorial

Written by Kr3w

Tuesday, 15 May 2007

In this paper, Kr3w provides a very good tutorial about cross-site scripting (XSS).


read more...

Paper: Applying XSS to Phishing Attacks

Written by Nexus, PlayHack.net

Thursday, 3 May 2007

In this paper, Nexus presents and explains the techniques and codes which are used by phishers who are knowledgeable about certain aspects of cross-site scripting (XSS) exploitation, in order to attack users or webmasters of websites that are vulnerable to XSS.


read more...

Paper: Preventing CSRF Attacks

Written by Petko D. Petkov, GNUCitizen.org

Saturday, 31 March 2007

In this paper, Petko D. Petkov explains how CSRF attacks can be prevented using tokens in a web application.


read more...

Paper: Double Trap XSS Injection: An Analysis

Written by Aditya K Sood, Metaeye Security Group

Wednesday, 28 March 2007

In this paper, Aditya K Sood demonstrates the double trap XSS injection with the scope of determining a new class of XSS exploitation. The  target is SecTheory consultation website.


read more...

Paper: Overtaking Google Desktop

Written by Yair Amit, Danny Allan and Adi Sharabani, Watchfire

Saturday, 24 February 2007

A research whitepaper from Watchfire, has revealed a serious cross-site scripting vulnerability in Google Desktop. Malicious people can exploit this vulnerability to access sensitive data on  the attacked systems and in some cases take full control of them.


read more...

Paper: Anatomy of a "Pseudo-Reflective" Worm

Written by Kyran

Tuesday, 20 February 2007

Kyran wrote a paper on the anatomy of a "Pseudo-Reflective" worm, which he coded to target GaiaOnline.com.


read more...

1 2 3 4 5 

 

45884 total xss
14724 special xss
3026 fixed
5094 xss onhold
2810 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.