security.websecurity (date)

security.websecurity (date)

January 30, 2007

Re: *REMINDER* WASC Meetup at RSA (San Francisco 2007), Jeremiah Grossman
Good Magazines and Books, KT
HTTP validation framework for Java, Stephen de Vries
OWASP Top 10 2007 Release Candidate 1, Andrew van der Stock

January 29, 2007

Re: Re: Suggestions for the CSRF FAQ, bugtraq
Re: Suggestions for the CSRF FAQ, Brian Eaton
Re: Suggestions for the CSRF FAQ, Stefan Esser
Defeating CAPTCHAs via Averaging (fwd), bugtraq
Re: Suggestions for the CSRF FAQ, John Terrill
Re: Suggestions for the CSRF FAQ, Brian Eaton
Re: Suggestions for the CSRF FAQ, Stefan Esser

January 28, 2007

Re: Suggestions for the CSRF FAQ, bugtraq
Suggestions for the CSRF FAQ, Brian Eaton

January 25, 2007

RE: img src , cant get it!, steve jensen
Re: xss filter to protect from xss attacks, Lalit Patel
WEB2.0 Security Isuues, Avi Shvartz
Re: img src , cant get it!, Benjamin Flesch
Re: How extract URL-link from flash(.swf) file by PHP?, Korhan GURLER

January 24, 2007

img src , cant get it!, John Terrill
Re: How extract URL-link from flash(.swf) file by PHP?, homegrown
Re: How extract URL-link from flash(.swf) file by PHP?, Steve Orrin
How extract URL-link from flash(.swf) file by PHP?, 김영일

January 23, 2007

Re: [Webappsec] [WEB SECURITY] xss filter to protect from xss attacks, anurag . agarwal
Re: [Webappsec] [WEB SECURITY] xss filter to protect from xss attacks, celf
Re: xss filter to protect from xss attacks, anurag . agarwal
Re: Re: [Webappsec] xss filter to protect from xss attacks, Prasad Shenoy
Re: Re: [Webappsec] xss filter to protect from xss attacks, Anurag Agarwal
Re: xss filter to protect from xss attacks, pdp (architect)
Re: xss filter to protect from xss attacks, Andrew van der Stock
Re: [Webappsec] xss filter to protect from xss attacks, celf
Re: xss filter to protect from xss attacks, Dinis Cruz
Re: Re: [Webappsec] xss filter to protect from xss attacks, Ryan Barnett
Re: [Webappsec] xss filter to protect from xss attacks, anurag . agarwal
Re: [Webappsec] xss filter to protect from xss attacks, Stephen de Vries
Re: [Webappsec] xss filter to protect from xss attacks, anurag . agarwal
Re: xss filter to protect from xss attacks, Prasad Shenoy
Re: [Webappsec] xss filter to protect from xss attacks, Amit Klein
xss filter to protect from xss attacks, Anurag Agarwal
WASC-Articles: Seeking Guest Writers, robert

January 22, 2007

Re: Check Point Connectra End Point security bypass, Felix Lindner
Check Point Connectra End Point security bypass, Roni Bachar

January 21, 2007

Re: Hardware for logging network requests, Mike Fratto
RE: [SPAM] [WEB SECURITY] Hardware for logging network requests, Steve Figures
Re: What happens to Your Computer if you MispellGoogle.com, Nikolay Kichukov
What happens to Your Computer if you Mispell Google.com, pdp (architect)
RE: some answered questions, Chris Weber
Hardware for logging network requests, J Joensuu

January 20, 2007

Atom Database, pdp (architect)
Crawling Ajax-driven Web 2.0 Applications, bugtraq

January 19, 2007

RE: some answered questions, Schmidt, Albert E
some answered questions, Jeremiah Grossman

January 18, 2007

Re: *RESULTS* Web Application Security Professionals Survey (Jan. 2007), Jeremiah Grossman
*RESULTS* Web Application Security Professionals Survey (Jan. 2007), Jeremiah Grossman
Persistent Web Backdoor, pdp (architect)
VisaNet Consolidated PIN Security Standards Requirements manual, Mustafa KOMUT

January 17, 2007

Ajax Sniffer - Proof of concept, Anurag Agarwal
RE: Announcement: The Cross-site Request Forgery FAQ, John Terrill

January 16, 2007

Re: Announcement: The Cross-site Request Forgery FAQ, bugtraq
RE: Announcement: The Cross-site Request Forgery FAQ, Billy Hoffman
Re: Announcement: The Cross-site Request Forgery FAQ, Stefan Esser
Re: Announcement: The Cross-site Request Forgery FAQ, bugtraq
Re: Announcement: The Cross-site Request Forgery FAQ, Stefan Esser
Re: Announcement: The Cross-site Request Forgery FAQ, bugtraq
Re: Announcement: The Cross-site Request Forgery FAQ, James Landis
Announcement: The Cross-site Request Forgery FAQ, bugtraq

January 13, 2007

Call for Participation - WASC Distributed Open Proxy Honeypot Project, Ryan Barnett
Re: Client-side validation in 2007?, Dennis Groves
RE: Client-side validation in 2007?, Martin O'Neal

January 12, 2007

Re: Client-side validation in 2007?, Jeremiah Grossman
Client-side validation in 2007?, Kurt Grutzmacher
Re: Disclosure for Web Applications, Pete Herzog
Anti-DNS Pinning + Socket in FLASH, Kanatoko
Your free MacWorld Platinum Pass! Some hacking required., Kurt Grutzmacher

January 11, 2007

Re: A Different CSOonline Article calling out the BS in the security industry, Pete Herzog
Re: Disclosure for Web Applications, Dennis Groves
RE: Disclosure for Web Applications, Bill Newton
WASC Meetup at RSA (San Francisco 2007), Jeremiah Grossman
RE: Disclosure for Web Applications, txs
iPhone, Dennis Groves
Re: Disclosure for Web Applications, Dennis Groves
Re: A Different CSOonline Article calling out the BS in the security industry, Dennis Groves
RE: Disclosure for Web Applications, txs
Re: A Different CSOonline Article calling out the BS in the security industry, Andy Steingruebl
Re: A Different CSOonline Article calling out the BS in the security industry, Pete Herzog
Re: A Different CSOonline Article calling out the BS in the security industry, robert
Re: A Different CSOonline Article calling out the BS in the security industry, Dennis Groves

January 10, 2007

Re: A Different CSOonline Article calling out the BS in the security industry, Gervase Markham
A Different CSOonline Article calling out the BS in the security industry, robert
Decoding the Google Blacklist, Michael Sutton
Article: A Positive Impact on Web Application Security (About WASC), robert
Disclosure for Web Applications, Jeremiah Grossman
Re: Server Obligation for Client Vulnerabilities (was: Universal XSS with PDF files: highly dangerous), James Landis
Re: ACL for application, Ankur Jindal

January 09, 2007

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Marvin Simkin
RE: Universal XSS with PDF files: highly dangerous, Tom Spector
Automated Scanner vs. The OWASP Top Ten (white paper), Jeremiah Grossman
Administrative: List Questionnaire, robert
Re: ACL for application, Brian Eaton
Re: ACL for application, Ankur Jindal
Re: ACL for application, valkyrie
Re: ACL for application, Brian Eaton
RE: ACL for application, Herbener, Martin - KETS Engineering and Management
Re: recognising metacharacters as code ( Is ^ a dangerous metachar?), Brian Eaton
Re: ACL for application, Mr Zebedee
Re: Using .htaccess to protect from XSS attacks, RSnake
ACL for application, Ankur Jindal
Using .htaccess to protect from XSS attacks, Anurag Agarwal
Web Application Security Professionals Survey (Jan. 2007), Jeremiah Grossman

January 08, 2007

RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Martin O'Neal
Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Jim Manico
RE: Universal XSS with PDF files: highly dangerous, Tom Stripling
Re: Universal XSS with PDF files: highly dangerous, The Anarcat
RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Martin O'Neal
Re: Universal XSS with PDF files: highly dangerous, Brian Eaton
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, RSnake
Re: Is ^ a dangerous metachar?, Brian Eaton
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, M . B . Jr .
Re: Universal XSS with PDF files: highly dangerous, pst
Re: QASEC Announcement: Writing Software Security Test Cases, Stephen de Vries
Re: Is ^ a dangerous metachar?, Haroon Meer
Is ^ a dangerous metachar?, Ephraim Dan
RE: Looking For a Username Dictionary, Mark Mcdonald
Re: Looking For a Username Dictionary, H. Morrow Long

January 07, 2007

Looking For a Username Dictionary, Jason Wood
RE: QASEC Announcement: Writing Software Security Test Cases, Brian Cohen
QASEC Announcement: Writing Software Security Test Cases, bugtraq

January 06, 2007

Re: Universal XSS with PDF files: highly dangerous, Neil Smithline
Server Obligation for Client Vulnerabilities (was: Universal XSS with PDF files: highly dangerous), Neil Smithline

January 05, 2007

Re: Universal XSS with PDF files: highly dangerous, Jeff Williams
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, James Landis
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, James Landis
Re: Universal XSS with PDF files: highly dangerous, RSnake
Re: Universal PDF XSS After Party, Maik Mueller
RE: Universal XSS with PDF files: highly dangerous, Martin O'Neal
Re: Universal XSS with PDF files: highly dangerous, Stefano Di Paola
Fwd: Re: Universal XSS with PDF files: highly dangerous, Tõnu Samuel
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, Kristina Lein
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, Mike Metzger
Re: Universal XSS with PDF files: highly dangerous, Jean-Jacques Halans
Re: Universal XSS with PDF files: highly dangerous, James Landis
RE: Universal XSS with PDF files: highly dangerous, White, Dain P
Re: Universal XSS with PDF files: highly dangerous, Jean-Jacques Halans
RE: Universal XSS with PDF files: highly dangerous, White, Dain P
RE: Universal XSS with PDF files: highly dangerous, RSnake
Re: Universal XSS with PDF files: highly dangerous, Mike Metzger
Re: Universal XSS with PDF files: highly dangerous, James Landis
RE: Universal XSS with PDF files: highly dangerous, White, Dain P
RE: Universal XSS with PDF files: highly dangerous, Mark Andrews
Re: Universal XSS with PDF files: highly dangerous, Amit Klein

January 04, 2007

RE: Universal XSS with PDF files: highly dangerous, Guy Podjarny
Re: Universal XSS with PDF files: highly dangerous, Mike Metzger
RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Martin O'Neal
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
RE: Universal XSS with PDF files: highly dangerous, White, Dain P
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
RE: Universal XSS with PDF files: highly dangerous, Billy Hoffman
Re: [Full-disclosure] Universal XSS with PDF files: highly dangerous, pdp (architect)
RE: Universal XSS with PDF files: highly dangerous, Ory Segal
RE: Universal XSS with PDF files: highly dangerous, Billy Hoffman
Re: Universal XSS with PDF files: highly dangerous, skarvin
A Tour of the Google Blacklist, Michael Sutton
Re: [WEB SECURITY] RE: Universal PDF XSS After Party(posible solution), RSnake
Re: Universal PDF XSS After Party(posible solution), Darren Bounds
Re: Universal PDF XSS After Party(posible solution), Noe Espinoza M.
RE: Universal XSS with PDF files: highly dangerous, Martin O'Neal
RE: Universal XSS with PDF files: highly dangerous, RSnake
RE: Universal XSS with PDF files: highly dangerous, Billy Hoffman
RE: Universal XSS with PDF files: highly dangerous, Martin O'Neal
Re: Universal XSS with PDF files: highly dangerous, pst
Re: Universal XSS with PDF files: highly dangerous, skarvin
Re: [WEB SECURITY]RE: Universal XSS with PDF files: highly dangerous, RSnake
RE: Universal XSS with PDF files: highly dangerous, Michael Sutton
Re: Universal XSS with PDF files: highly dangerous, T Biehn
Universal PDF XSS After Party, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, Juha-Matti Laurio
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, HASEGAWA Yosuke
Re: Universal XSS with PDF files: highly dangerous, Larry Seltzer
Re: Universal XSS with PDF files: highly dangerous, Juha-Matti Laurio
Re: Universal XSS with PDF files: highly dangerous, Thierry Zoller
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, der wert
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, RSnake
Re: Universal XSS with PDF files: highly dangerous, Jim Manico
Re: Universal XSS with PDF files: highly dangerous, bugtraq

January 03, 2007

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, Larry Seltzer
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, Prasad Shenoy
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, Dave Ferguson
Re: Universal XSS with PDF files: highly dangerous, James Landis
Re: Universal XSS with PDF files: highly dangerous, Jean-Jacques Halans
Re: Universal XSS with PDF files: highly dangerous, RSnake
Re: Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: Universal XSS with PDF files: highly dangerous, James Landis
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Re: Universal XSS with PDF files: highly dangerous, ascii
Re: Universal XSS with PDF files: highly dangerous, ascii
Adobe Acrobat Reader Plugin - Multiple Vulnerabilities, Stefano Di Paola
Re: Universal XSS with PDF files: highly dangerous, ascii
Re: Universal XSS with PDF files: highly dangerous, Prasad Shenoy
Re: Universal XSS with PDF files: highly dangerous, Prasad Shenoy
Hacking AJAX DWR Applications, Amichai Shulman
Re: Universal XSS with PDF files: highly dangerous, Richard Moore
RE: img src , cant get it!, White, Dain P
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, pdp (architect)
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, sven . vetsch
Re: Universal XSS with PDF files: highly dangerous, Amit Klein
Universal XSS with PDF files: highly dangerous, pdp (architect)
RE: Google's blacklisted url database (phishing url database), Brad Inscoe

January 02, 2007

Sniffing and Backdooring UIML Applications, bugtraq
Google’s blacklisted url database (phishing url database), Rajesh Sethumadhavan
img src , cant get it!, Esteban Ribičić

January 01, 2007

Vulnerability Scanners Review Published, bugtraq
[NGSEC] ngGame #3 - BrainStorming (fwd), bugtraq
Fierce domain scan released, RSnake

News | FAQ | advertise