I’ve been working on my Hackvertor script to include XSS fuzzing which isn’t ready yet but I thought you might be interested in a few interesting results I’ve found 🙂 First off I’m sure you know you can use XSS in a img object yeah? Well did you know there’s also a image object as […]
Archives for the Date November 19th, 2007
CSK update
Monday, 19 November 2007
Sirdarckcat has been doing some work on my CSK kit and has improved it with new events and data handling improvements. This is great news because I haven’t had chance to work on it for a while with all the projects I’m involved in there’s just not enough time in the day. It’s still early […]
CSRF browser protection
Monday, 19 November 2007
I like the topic of CSRF because it’s such a difficult problem to solve, I was thinking about ways a browser can prevent CSRF and I’ve come up with the following solutions:- 1. After a domain name any image/object/frame etc request is truncated by a user definable setting. Limiting the amount of data an attacker […]