Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 5 of 5
1 year ago
Coded32
sadly, there is no readymade bruteforce script for CP webmail or CP.
Forum: CSRF and Session Info
1 year ago
Coded32
is there any POC code available, one is via th pr0ceed team, but they didn't share much but a video on there YT channel -> http://tube.7s-b.com/Pr0ceed/ This has been proved to exist in browser beyond ie 6.0 till IE 7.x SP2 Just need POC code with end results for penetration test.
Forum: CSRF and Session Info
1 year ago
Coded32
also, DVWA, WebGoat and the new OWASP Security Shepherd.
Forum: Full Disclosure
1 year ago
Coded32
any XSS ound is not worth if it does not accept HTTP requsts. I think of XSS tunnel and XSS shell. Why not give XSSF on MSF a hit tho then?
Forum: Full Disclosure
1 year ago
Coded32
I don't see a point why you had posted this here? It's an HR company, what we do is penetration tests !
Forum: Jobs
Current Page: 1 of 1