Paid Advertising is
ha.ckers sla.cking
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 
Pages: Previous12345...LastNext
Current Page: 4 of 6
Subject Views Posts  Started By  Last Post 
IETab Chrome Weirdness 3,059  rsnake  03/21/2008 06:07AM 
Last Post by trev
Useless CSRF - Change Language 2,322  maluc  02/28/2008 08:56PM 
Last Post by maluc
Any way to send POST request without referrer? 4,250  trev  02/24/2008 05:12PM 
Last Post by matteo
Session Management - Forcing Users to Log Off 1,993  kala  02/16/2008 05:03AM 
Last Post by trev
Stealing non-callback JSON; close, but no dice 1,859  Ambush Commander  02/15/2008 02:58AM 
Last Post by .mario
List of ways to perform cross-site requests 2,033  11  Ambush Commander  02/11/2008 11:52PM 
Last Post by riahmatic
Getting the user to click the button (and do other things) 1,709  Ambush Commander  02/11/2008 03:51PM 
Last Post by Anonymous User
using cookie session 1,812  jackson_hacker  02/07/2008 10:22AM 
Last Post by J4zen
Using regex to block XSS 2,706  T06  02/01/2008 06:52AM 
Last Post by Anonymous User
Secure sessions, easy logins? 2,501  10  iNs4n3  01/30/2008 01:02PM 
Last Post by EWSec
application security 1,734  14  ceezax  01/30/2008 09:27AM 
Last Post by CrYpTiC_MauleR
img tag question 1,996  kcanis  01/18/2008 10:13AM 
Last Post by Anonymous User
CSRF4BlackHat - So it begins... 2,281  klaus  01/14/2008 06:06PM 
Last Post by kcanis
CSRF defend demos    Pages: 1 2 4,715  32  Gareth Heyes  01/04/2008 11:34AM 
Last Post by kirke
CSRF & SSO 2,084  flatron  12/13/2007 08:32AM 
Last Post by rsnake
Chrome URIs and CSRF, anybody playing? 2,705  15  tehryan  12/12/2007 04:53AM 
Last Post by Anonymous User
question 2,732  20  lobas  12/10/2007 11:44AM 
Last Post by Anonymous User
automated detection of csrf 3,650  12  ntp  12/10/2007 10:59AM 
Last Post by .mario
shopping cart using JS 2,333  cttnmth  12/10/2007 09:20AM 
Last Post by rsnake
XSS and CSRF with Flash 2,772  lake2  12/09/2007 09:46PM 
Last Post by Zoiz
getting username and pssword saved in the browser 3,517  11  n0  12/01/2007 04:16PM 
Last Post by birdie
Lots of CSRF News 2,253  ntp  11/23/2007 09:33PM 
Last Post by ntp
how to secure cross-domain single-sign on (sso) 3,568  shyguy  11/18/2007 01:12AM 
Last Post by erez
wpnonce bypass 2,577  lobas  11/03/2007 01:00PM 
Last Post by tehryan
Way to steal sessions across two browsers 3,192  11  cttnmth  10/30/2007 06:27PM 
Last Post by digi7al64
JSCK - Javascript CSRF Protection Kit 2,220  Gareth Heyes  10/24/2007 03:15AM 
Last Post by Gareth Heyes
AJAX 'gziped' response error 2,262  Xinstict  10/22/2007 04:57AM 
Last Post by Anonymous User
sending the entire HTML results to a third party site 1,877  jamuse  10/02/2007 06:41PM 
Last Post by Gareth Heyes
PHP, default Mime type, CSRF, oh my! 4,259  14  codec  09/28/2007 01:55PM 
Last Post by n0
CSRF Post without javascript 2,482  Gareth Heyes  09/06/2007 06:27AM 
Last Post by Gareth Heyes
Pages: Previous12345...LastNext
Current Page: 4 of 6