security.websecurity (thread)

Digg Delicious Technorati & Netscape XSS (worm?), mybeni websecurity
Global Space Exploitation In PHP Based Web Applications, Aditya K Sood
- Re: [Full-disclosure] Global Space Exploitation In PHP Based Web Applications, Michal Zalewski
  - Re: [WEB SECURITY] Re: Global Space Exploitation In PHP Based Web Applications, Aditya K Sood
RE: Preventing Cross-site Request Forgeries [ASP.NET crowd], Chris Weber
- RE: Preventing Cross-site Request Forgeries [ASP.NET crowd], Michael Sutton
  - Re: [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Chris Weber
- Re: Preventing Cross-site Request Forgeries [ASP.NET crowd], Arian J. Evans
  - Re: Preventing Cross-site Request Forgeries [ASP.NET crowd], pdp (architect)
    - Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Jim Manico
    - Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], pdp (architect)
    - Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries [ASP.NET crowd], Jim Manico
Reflection on Jeff Williams, anurag . agarwal
Preventing Cross-site Request Forgeries, pdp (architect)
HTTP authentication without a 401 response?, Marc-André Laverdière
- Re: HTTP authentication without a 401 response?, Brian Eaton
- Re: HTTP authentication without a 401 response?, Andy Steingruebl
Rootkit.com : Prone To Redirection and Looping Attacks, Aditya K Sood
Using XUL to spoof a firefox window, bugtraq
- Re: Using XUL to spoof a firefox window, Michal Zalewski
Java 2 Security Standards, Larry Pingree
- Re: [Webappsec] Java 2 Security Standards, Daniel Fernández Garrido
  - RE: [Webappsec] Java 2 Security Standards, Larry Pingree
    - Re: RE: [Webappsec] Java 2 Security Standards, Stephen de Vries
    - RE: [Webappsec] Java 2 Security Standards, Jeff Williams
- Re: [Webappsec] Java 2 Security Standards, Daniel Fernández Garrido
- Re: Java 2 Security Standards, Brian Eaton
Fix Update: Disable Google Desktop Link Integration with IE & FireFox, Debasis Mohanty
Reflection on robert auger, anurag . agarwal
End Points Malfeasance, Aditya K Sood
Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
- Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Amit Klein
  - Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
    - Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Amit Klein
    - Re: [Webappsec] Preventing HTTP Response Splitting with HTTP mods and sequence-id's ?, Andy Steingruebl
Malicioius JavaScript - AV Signatures, James Kist
IntraProgrammed Search Engines Are XSS Driven, Aditya K Sood
ZombieMap - GEO Zombie Mapper, pdp (architect)
[Web Security] Double Trap XSS Injections., Aditya K Sood
- Re: [Web Security] Double Trap XSS Injections., Michal Zalewski
  - Re: [Web Security] Double Trap XSS Injections., Aditya K Sood
Web Security Regression Testing, Andy Steingruebl
- Re: Web Security Regression Testing, bugtraq
- Re: [Webappsec] Web Security Regression Testing, Stephen de Vries
- Re: Web Security Regression Testing, Ryan Barnett
Training choice, David Felio
- Re: Training choice, Andrew van der Stock
- Re: Training choice, Steve Slater
  - Re: Training choice, Ryan Barnett
ANNOUNCING: 6th OWASP AppSec Conference - May 15-17 2007 - Milan, Italy, Dave Wichers
Web Security and Bookmarklet Exploits, pdp (architect)
Reflection on Billy Hoffman, anurag . agarwal
OWASP Spring of Code 2007, Dinis Cruz
htaccess Protection - Apache, Greenarrow 1
- Re: htaccess Protection - Apache, Matthieu Estrade
- Re: htaccess Protection - Apache, RSnake
Hack, pump and dump, James Kist
- Re: Hack, pump and dump, John Terrill
GMail Contact Information Disclosure PoC, beNi
- Re: [WEB SECURITY] GMail Contact Information Disclosure PoC, chris
  - Re: [WEB SECURITY] GMail Contact Information Disclosure PoC, Dror Shalev
Security Scanner, Luis Masut
- Re: Security Scanner, naka
  - Re: Security Scanner, bugtraq
    - Re: Security Scanner, James Landis
    - Re: Security Scanner, foo
- Re: Security Scanner, Rodrigo Montoro (Sp0oKeR)
- Re: Security Scanner, Steve Orrin
- Re: Security Scanner, Anurag Agarwal
  - Re: Security Scanner, Thiago Zaninotti
    - Re: Security Scanner, Prasad Shenoy
  - Re: Security Scanner, Arian J. Evans
    - Re: Security Scanner, Dinis Cruz
- RE: Security Scanner, TUSHAR VARTAK /ISG/INFOTECH/BKC
new AttackAPI, pdp (architect)
WASC Threat Classification Project - Call for Participants, robert
Re: [WEB SECURITY] Re: Good resources on Web 2.0, Kasey Cross
- Re: Re: [Full-disclosure] Good resources on Web 2.0, bugtraq
  - Re: [WEB SECURITY] Re: Good resources on Web 2.0, czino2
This week : Reflection on Sheeraj Shah, Anurag Agarwal
SyScan'07 - Call for Paper - NEW UPDATES, organiser@xxxxxxxxxx
Good resources on Web 2.0, Justin Boem
- Re: Good resources on Web 2.0, Michael Silk
  - Re: [Full-disclosure] Good resources on Web 2.0, crazy frog crazy frog
    - Re: Re: [Full-disclosure] Good resources on Web 2.0, Dinis Cruz
PHP import_request_variables() vs extract(), ascii
PHP import_request_variables() arbitrary variable overwrite, Stefano Di Paola
Re: Announcement: The Cross-site Request Forgery FAQ, James Landis
Attack Tree, Ankur Jindal
- Re: Attack Tree, foo
  - Re: Attack Tree, Dinis Cruz
    - Re: Attack Tree, Ankur Jindal
    - Re: Attack Tree, Dinis Cruz
    - RE: Attack Tree, Chris Weber
    - Re: Attack Tree, list
    - Re: Attack Tree, Dinis Cruz
    - Re: Attack Tree, Ankur Jindal
Wordpress website hacked, wordpress backdoored, bugtraq
- Re: Wordpress website hacked, wordpress backdoored, Dinis Cruz
  - Re: Wordpress website hacked, wordpress backdoored, bugtraq
get ip with javascript, Luis Masut
- Re: get ip with javascript, Christopher Paggen
  - RE: get ip with javascript, Martin O'Neal
  - Re: get ip with javascript, Christopher Paggen
    - RE: get ip with javascript, Martin O'Neal
- Re: get ip with javascript, pdp (architect)
  - RE: get ip with javascript, Danny Allan
sql error, Luis Masut
- RE: sql error, steve jensen
break java script, Luis Masut
- Re: break java script, beNi
- RE: break java script, steve jensen
Virtual PIN pad code samples, Greg Elkins
- Re: Virtual PIN pad code samples, Walt Williams
- Re: Virtual PIN pad code samples, John Terrill
- Re: Virtual PIN pad code samples, Colin Watson
- Re: Virtual PIN pad code samples, Mike Shema
Reflection on Ivan Ristic, Anurag Agarwal
YNT: A Secure CMS?, mulker
- Re: YNT: A Secure CMS?, Jim Morgan