Submit Search
Upload
Abusing Windows Opener To Bypass CSRF Protection
•
1 like
•
333 views
Narendra Bhati
Follow
Published On Exploit DB Papers https://www.exploit-db.com/docs/38193.pdf
Read less
Read more
Technology
Report
Share
Report
Share
1 of 7
Download now
Download to read offline
Recommended
OWASP Pune Chapter 18th Feb 2016 At - Avaya India, Pune.
OWASP Pune Chapter : Dive Into The Profound Web Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
Narendra Bhati
How I won the ClubHack'11 Precon CTF - A Walkthru A Write-up
Club hack 2011 precon ctf walkthrough
Club hack 2011 precon ctf walkthrough
n|u - The Open Security Community
Basic programming practices to ensure secure PHP web applications.
Secure Programming In Php
Secure Programming In Php
Akash Mahajan
Presentation which describes entity provider selection confusion attacks in JAX-RS applications for RESTEasy and Jersey frameworks.
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applications
Mikhail Egorov
Part of F5 mitigations series Brute force on apps is on the rise Will become WBT @ F5U Conclusion: Internet brute force can go undetected and is a serious threat to applications F5 owns the largest set of options to detect and prevent application brute force
Brute Force - Lior Rotkovitch - f5 SIRT v5.pdf
Brute Force - Lior Rotkovitch - f5 SIRT v5.pdf
Lior Rotkovitch
Basic overview of PHP security for a local Meetup group
Intro to Php Security
Intro to Php Security
Dave Ross
A case study of security features inside the popular python-based web framework, Django. Made by Mohammed ALDOUB (@Voulnet)
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by Default
Mohammed ALDOUB
Unusual Web Bugs
Unusual Web Bugs
amiable_indian
Recommended
OWASP Pune Chapter 18th Feb 2016 At - Avaya India, Pune.
OWASP Pune Chapter : Dive Into The Profound Web Attacks
OWASP Pune Chapter : Dive Into The Profound Web Attacks
Narendra Bhati
How I won the ClubHack'11 Precon CTF - A Walkthru A Write-up
Club hack 2011 precon ctf walkthrough
Club hack 2011 precon ctf walkthrough
n|u - The Open Security Community
Basic programming practices to ensure secure PHP web applications.
Secure Programming In Php
Secure Programming In Php
Akash Mahajan
Presentation which describes entity provider selection confusion attacks in JAX-RS applications for RESTEasy and Jersey frameworks.
Entity provider selection confusion attacks in JAX-RS applications
Entity provider selection confusion attacks in JAX-RS applications
Mikhail Egorov
Part of F5 mitigations series Brute force on apps is on the rise Will become WBT @ F5U Conclusion: Internet brute force can go undetected and is a serious threat to applications F5 owns the largest set of options to detect and prevent application brute force
Brute Force - Lior Rotkovitch - f5 SIRT v5.pdf
Brute Force - Lior Rotkovitch - f5 SIRT v5.pdf
Lior Rotkovitch
Basic overview of PHP security for a local Meetup group
Intro to Php Security
Intro to Php Security
Dave Ross
A case study of security features inside the popular python-based web framework, Django. Made by Mohammed ALDOUB (@Voulnet)
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by Default
Mohammed ALDOUB
Unusual Web Bugs
Unusual Web Bugs
amiable_indian
A talk on top 10 Security Vulnerabilities based on OWASP Top Ten Project: https://www.owasp.org/index.php/OWASP_Top_Ten_Project. The presentation is available under Creative Commons Attribution-ShareAlike 2.5 Generic License: https://creativecommons.org/licenses/by-sa/2.5/.
Top 10 Security Vulnerabilities (2006)
Top 10 Security Vulnerabilities (2006)
Susam Pal
Presentation from Zero Nights 2017 - https://2017.zeronights.ru/report/tryuki-dlya-obhoda-csrf-zashhity/.
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protection
Mikhail Egorov
Seminar on various security issues faced by PHP developers and ways to avoid them. The Examples used in the seminar can be downloaded from -> http://www.sanisoft.com/blog/wp-content/uploads/2009/08/security.tar.gz
Security In PHP Applications
Security In PHP Applications
Aditya Mooley
http://www.powerofcommunity.net/pastcon_2008.html & http://xcon.xfocus.org/XCon2008/index.html The Same Origin Policy is the most talked about security policy which relates to web applications, it is the constraint within browsers that ideally stops active content from different origins arbitrarily communicating with each other. This policy has given rise to the class of bugs known as Cross-Site Scripting (XSS) vulnerabilities, though a more accurate term is usually JavaScript injection, where the ability to force an application to echo crafted data gives an attacker the ability to execute JavaScript within the context of the vulnerable origin. This talk takes the view that the biggest weakness with the Same Origin Policy is that it must be implemented by every component of the browser independently, and if any component implements it differently to other components then the security posture of the browser is altered. As such this talk will examine how the 'Same Origin Policy' is implemented in different circumstances, especially in active content, and where the Same Origin Policy is not really enforced at all.
Same Origin Policy Weaknesses
Same Origin Policy Weaknesses
kuza55
JUG Basel
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
OAuth Hacks A gentle introduction to OAuth 2 and Apache Oltu
Antonio Sanso
Presentation that contrasts static and dynamic analysis of web applications for security vulnerabilities. Describes a technique to combine static and dynamic analysis called hybrid analysis. (SummerCon 2008)
Static Analysis: The Art of Fighting without Fighting
Static Analysis: The Art of Fighting without Fighting
Rob Ragan
* Django is a Web Application Framework, written in Python * Allows rapid, secure and agile web development. * Write better web applications in less time & effort.
Django (Web Applications that are Secure by Default )