Paid Advertising is
ha.ckers sla.cking
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 
Pages: Previous12345...LastNext
Current Page: 4 of 6
Subject Views Posts  Started By  Last Post 
IETab Chrome Weirdness 3,097  rsnake  03/21/2008 06:07AM 
Last Post by trev
Useless CSRF - Change Language 2,353  maluc  02/28/2008 08:56PM 
Last Post by maluc
Any way to send POST request without referrer? 4,309  trev  02/24/2008 05:12PM 
Last Post by matteo
Session Management - Forcing Users to Log Off 2,022  kala  02/16/2008 05:03AM 
Last Post by trev
Stealing non-callback JSON; close, but no dice 1,881  Ambush Commander  02/15/2008 02:58AM 
Last Post by .mario
List of ways to perform cross-site requests 2,055  11  Ambush Commander  02/11/2008 11:52PM 
Last Post by riahmatic
Getting the user to click the button (and do other things) 1,737  Ambush Commander  02/11/2008 03:51PM 
Last Post by Anonymous User
using cookie session 1,843  jackson_hacker  02/07/2008 10:22AM 
Last Post by J4zen
Using regex to block XSS 2,761  T06  02/01/2008 06:52AM 
Last Post by Anonymous User
Secure sessions, easy logins? 2,526  10  iNs4n3  01/30/2008 01:02PM 
Last Post by EWSec
application security 1,760  14  ceezax  01/30/2008 09:27AM 
Last Post by CrYpTiC_MauleR
img tag question 2,018  kcanis  01/18/2008 10:13AM 
Last Post by Anonymous User
CSRF4BlackHat - So it begins... 2,312  klaus  01/14/2008 06:06PM 
Last Post by kcanis
CSRF defend demos    Pages: 1 2 4,770  32  Gareth Heyes  01/04/2008 11:34AM 
Last Post by kirke
CSRF & SSO 2,114  flatron  12/13/2007 08:32AM 
Last Post by rsnake
Chrome URIs and CSRF, anybody playing? 2,752  15  tehryan  12/12/2007 04:53AM 
Last Post by Anonymous User
question 2,769  20  lobas  12/10/2007 11:44AM 
Last Post by Anonymous User
automated detection of csrf 3,695  12  ntp  12/10/2007 10:59AM 
Last Post by .mario
shopping cart using JS 2,364  cttnmth  12/10/2007 09:20AM 
Last Post by rsnake
XSS and CSRF with Flash 2,802  lake2  12/09/2007 09:46PM 
Last Post by Zoiz
getting username and pssword saved in the browser 3,596  11  n0  12/01/2007 04:16PM 
Last Post by birdie
Lots of CSRF News 2,281  ntp  11/23/2007 09:33PM 
Last Post by ntp
how to secure cross-domain single-sign on (sso) 3,627  shyguy  11/18/2007 01:12AM 
Last Post by erez
wpnonce bypass 2,603  lobas  11/03/2007 01:00PM 
Last Post by tehryan
Way to steal sessions across two browsers 3,230  11  cttnmth  10/30/2007 06:27PM 
Last Post by digi7al64
JSCK - Javascript CSRF Protection Kit 2,250  Gareth Heyes  10/24/2007 03:15AM 
Last Post by Gareth Heyes
AJAX 'gziped' response error 2,302  Xinstict  10/22/2007 04:57AM 
Last Post by Anonymous User
sending the entire HTML results to a third party site 1,911  jamuse  10/02/2007 06:41PM 
Last Post by Gareth Heyes
PHP, default Mime type, CSRF, oh my! 4,345  14  codec  09/28/2007 01:55PM 
Last Post by n0
CSRF Post without javascript 2,507  Gareth Heyes  09/06/2007 06:27AM 
Last Post by Gareth Heyes
Pages: Previous12345...LastNext
Current Page: 4 of 6