Paid Advertising is
ha.ckers sla.cking
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 
Pages: Previous12345...LastNext
Current Page: 4 of 6
Subject Views Posts  Started By  Last Post 
IETab Chrome Weirdness 3,077  rsnake  03/21/2008 06:07AM 
Last Post by trev
Useless CSRF - Change Language 2,329  maluc  02/28/2008 08:56PM 
Last Post by maluc
Any way to send POST request without referrer? 4,274  trev  02/24/2008 05:12PM 
Last Post by matteo
Session Management - Forcing Users to Log Off 2,003  kala  02/16/2008 05:03AM 
Last Post by trev
Stealing non-callback JSON; close, but no dice 1,864  Ambush Commander  02/15/2008 02:58AM 
Last Post by .mario
List of ways to perform cross-site requests 2,041  11  Ambush Commander  02/11/2008 11:52PM 
Last Post by riahmatic
Getting the user to click the button (and do other things) 1,718  Ambush Commander  02/11/2008 03:51PM 
Last Post by Anonymous User
using cookie session 1,820  jackson_hacker  02/07/2008 10:22AM 
Last Post by J4zen
Using regex to block XSS 2,728  T06  02/01/2008 06:52AM 
Last Post by Anonymous User
Secure sessions, easy logins? 2,510  10  iNs4n3  01/30/2008 01:02PM 
Last Post by EWSec
application security 1,744  14  ceezax  01/30/2008 09:27AM 
Last Post by CrYpTiC_MauleR
img tag question 2,000  kcanis  01/18/2008 10:13AM 
Last Post by Anonymous User
CSRF4BlackHat - So it begins... 2,289  klaus  01/14/2008 06:06PM 
Last Post by kcanis
CSRF defend demos    Pages: 1 2 4,734  32  Gareth Heyes  01/04/2008 11:34AM 
Last Post by kirke
CSRF & SSO 2,097  flatron  12/13/2007 08:32AM 
Last Post by rsnake
Chrome URIs and CSRF, anybody playing? 2,722  15  tehryan  12/12/2007 04:53AM 
Last Post by Anonymous User
question 2,748  20  lobas  12/10/2007 11:44AM 
Last Post by Anonymous User
automated detection of csrf 3,663  12  ntp  12/10/2007 10:59AM 
Last Post by .mario
shopping cart using JS 2,345  cttnmth  12/10/2007 09:20AM 
Last Post by rsnake
XSS and CSRF with Flash 2,785  lake2  12/09/2007 09:46PM 
Last Post by Zoiz
getting username and pssword saved in the browser 3,541  11  n0  12/01/2007 04:16PM 
Last Post by birdie
Lots of CSRF News 2,261  ntp  11/23/2007 09:33PM 
Last Post by ntp
how to secure cross-domain single-sign on (sso) 3,587  shyguy  11/18/2007 01:12AM 
Last Post by erez
wpnonce bypass 2,588  lobas  11/03/2007 01:00PM 
Last Post by tehryan
Way to steal sessions across two browsers 3,203  11  cttnmth  10/30/2007 06:27PM 
Last Post by digi7al64
JSCK - Javascript CSRF Protection Kit 2,234  Gareth Heyes  10/24/2007 03:15AM 
Last Post by Gareth Heyes
AJAX 'gziped' response error 2,275  Xinstict  10/22/2007 04:57AM 
Last Post by Anonymous User
sending the entire HTML results to a third party site 1,890  jamuse  10/02/2007 06:41PM 
Last Post by Gareth Heyes
PHP, default Mime type, CSRF, oh my! 4,301  14  codec  09/28/2007 01:55PM 
Last Post by n0
CSRF Post without javascript 2,490  Gareth Heyes  09/06/2007 06:27AM 
Last Post by Gareth Heyes
Pages: Previous12345...LastNext
Current Page: 4 of 6