Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 2 of 2
6 years ago
flatron
It is widely believed that an ORM layer like with Hibernate, NHibernate etc. provides for high degree of protection against SQL Injections. Although it is obvious that it is not as easy, I was wondering if it is altogether possible to successfully apply an SQL Injection in a web app with ORM?
Forum: SQL and Code Injection
6 years ago
flatron
It seems that as people use SSO solutions like pubcookie more and more for services that span throughout an institution, this infrastructure becomes more and more vulnerable to CSRF attacks. Have the problems of CSRF & SSO been formally addressed somewhere? Are there any whitepapers? I'm googling but I can't seem to find anything useful...
Forum: CSRF and Session Info
Current Page: 1 of 1