Security in an Insecure Environment
April 22, 2009 Leave a comment
Categories
- Crypto (7)
- Misc (47)
- Pentest (36)
- Pwnable (7)
- Reverse Engineering (33)
- Security Tools (16)
- Web Hacking (20)
Stuff
Recent Posts
- Common OAuth issue you can use to take over accounts
- Qualys validaterequest ‘finding’ is an Annoying PCI Problem
- Using windbg to beat my dad at chess
- DPAPI Primer for Pentesters
- Common .NET ViewstateUserKey CSRF Issue
- .NET MVC AntiforgeryToken CSRF Testing
- Stripping the Referer in a Cross Domain POST request
- ValidateRequest should probably still be Enabled
Tags
.net
101
2013BH
architecture
avr
bash
binary
burp
C
clickjacking
cryptography
csrf
ctf
defcon
DoS
elf
firefox
gdb
IDA
javascript
kernel
keygen
ldap
linux
metasploit
module
mycontroller
nmap
ollydbg
paper
pe
php
python
reverseme
reversing
rtos
ssh
sysadmin
tcp
ubuntu
vim
websitebaker
wireless
xml
xss
Twit
- RT @mubix: Something I forgot to mention is that we are looking for global hires for our Red Team as well, senior and regular levels. Mubix… 2 days ago
- RT @taviso: Interested in getting started on Windows Kernel security research? blog.cmpxchg8b.com/2013/05/introd… 3 days ago
- RT @tombkeeper: A true story: one of my buddies downloaded a porn, when he tried to watch it the player got crashed, and then he found a vu… 5 days ago
- @homakov but yeah you're right, you need to log the user out of FB first (or if he doesn't have an FB account) 1 week ago
- @homakov There are a couple ways you can force people to log out. Maybe in another post I'll talk about it. 1 week ago
- RT @sctan: In web security, no mitigation's too simple when dealing with millions of users. 1 week ago
- RT @homakov: It feels like i got to write a post about HOW SERIOUS CSRF in FB login is. FB refused to fix! O_o (Read the update) http://t.c… 1 week ago
