Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For session fixation, hijacking, lockout, replay, session riding, etc.

Results 1 - 3 of 3
5 years ago
marshmellow1328
I was just reading RSnake's recent DNS Rebinding blog posts where he keeps stating "respect the host header". Does he simply mean verifying that something like $_SERVER['HTTP_HOST'] in a PHP context matches one's domain?
Forum: CSRF and Session Info
5 years ago
marshmellow1328
Thanks for the OWASP link. That has already helped some. It is also good to see there is a sense of humor around here. Thanks for the warm welcome. ;)
Forum: Intro
5 years ago
marshmellow1328
Just throwing my hello out to the community. I am a senior computer science major in college interested in a lot of web development related activities. I am here to learn what I can for the purpose of being able to write secure code rather than contribute to the maelstrom that is already out there. My one problem is that most of the topics I have flipped through are way over my head. Are th
Forum: Intro