security.websecurity (thread)

suggesting passwords to users, Brian Eaton
- Re: suggesting passwords to users, Anurag Agarwal
  - Re: suggesting passwords to users, James Landis
  - Re: suggesting passwords to users, Wladimir Palant
- Re: suggesting passwords to users, Anurag Agarwal
  - Re: suggesting passwords to users, Wladimir Palant
    - Re: suggesting passwords to users, Albert Lunde
- Re: suggesting passwords to users, Mike Shema
- Re: suggesting passwords to users, Mike Shema
Reflection on Andrew Van der Stock, Anurag Agarwal
MITM (man in the middle), lebeau
- Re: MITM (man in the middle), John Terrill
  - Re: MITM (man in the middle), Prasad Shenoy
    - Re: MITM (man in the middle), Nick Owen
- Re: MITM (man in the middle), Thierry Zoller
- RE: MITM (man in the middle), frederic.lebeau
  - RE: MITM (man in the middle), John Terrill
Tackling A Difficult Problem - Proposed Solution, Bubba Gump
IE 7 and Firefox Browsers Digest Authentication Request Splitting, Stefano Di Paola
- Re: IE 7 and Firefox Browsers Digest Authentication Request Splitting, Amit Klein
  - Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, Andy Steingruebl
    - Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, Stefano Di Paola
    - Re: Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, Chris Hofmann
    - Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, Andy Steingruebl
    - RE: Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, chris
    - Re: [Webappsec] [WEB SECURITY] IE 7 and Firefox Browsers Digest Authentication Request Splitting, Arian J. Evans
  - Re: IE 7 and Firefox Browsers Digest Authentication Request Splitting, Stefano Di Paola
Re: [Webappsec] script inside .txt file, Amiran Alavidze
script inside .txt file, prashant k v
- Re: script inside .txt file, Kurt Grutzmacher
  - Re: script inside .txt file, Wladimir Palant
    - Re: script inside .txt file, Bubba Gump
    - Re: [Webappsec] [WEB SECURITY] script inside .txt file, James Landis
    - Re: script inside .txt file, Brian Eaton
- Re: script inside .txt file, christ1an
- Re: script inside .txt file, Josh Zlatin-Amishav
  - Re: [Webappsec] script inside .txt file, Lee Lawson
- Re: script inside .txt file, Stefano Di Paola
- Re: script inside .txt file, Ajay Pal Singh Atwal
  - RE: script inside .txt file, Billy Hoffman
- RE: script inside .txt file, Ory Segal
Captcha and animated captcha, Lebeau Frederic
- RE: Captcha and animated captcha, Chris Weber
- Re: Captcha and animated captcha, christ1an
- Re: Captcha and animated captcha, Stephen de Vries
- RE: Captcha and animated captcha, Billy Hoffman
  - RE: Captcha and animated captcha, Marian Ion
- RE: Captcha and animated captcha, Ory Segal
- RE: Captcha and animated captcha, Chris Weber
WASC Meetup - April 18 - pictures uploaded, Anurag Agarwal
Reflection on Nish Bhalla, Anurag Agarwal
WASC-Articles: 'The business case for security frameworks', announcements
Re: [Webappsec] Tacking A Difficult Problem - MS output encoding library, Arian J. Evans
RE: [Webappsec] Tacking A Difficult Problem - Solutions, Bob Fish
Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Arian J. Evans
- Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein
  - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Arian J. Evans
    - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, James Landis
    - Re: Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Arian J. Evans
    - Re: Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein
    - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein
    - Re: [Webappsec] Tacking A Difficult Problem - Solutions HTTP Response Splitting, Arian J. Evans
    - Re: Tacking A Difficult Problem - Solutions HTTP Response Splitting, Amit Klein
Re: Tacking A Difficult Problem - Solutions, Arian J. Evans
- Re: Tacking A Difficult Problem - Solutions, Amit Klein
  - Re: Tacking A Difficult Problem - Solutions, Amit Klein
- Re: Tacking A Difficult Problem - Solutions, Arian J. Evans
  - Re: [Webappsec] Tacking A Difficult Problem - Solutions, Amit Klein
- RE: Re: Tacking A Difficult Problem - Solutions, Ory Segal
  - Re: Re: Tacking A Difficult Problem - Solutions, Arian J. Evans
    - Re: Re: Tacking A Difficult Problem - Solutions, Bubba Gump
    - Re: Re: Tacking A Difficult Problem - Solutions, Arian J. Evans
SensePost Aura - aka Solving the Google API Key Problem.., Haroon Meer
Reminder: HITBSecConf2007 - Malaysia: Call for Papers closing in 2 weeks, announce
Persistent CSRF and The Hotlink Hell, pdp (architect)
- Re: Persistent CSRF and The Hotlink Hell, Ryan Barnett
  - Re: [WEB SECURITY] Persistent CSRF and The Hotlink Hell, Blue Boar
reflection on Ory segal, Anurag Agarwal
WASC-Articles: 'The Importance of Application Classification in Secure Application Development', contact
URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications., Aditya K Sood
- Re: URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications., Jeff Forristal
  - Re: URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications., Aditya K Sood
    - RE: URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications., Jeff Forristal
    - Re: URL Encoding/Decoding Flaw Mechanism In ASP.net[1.0-2.0] Based Web Applications., Aditya K Sood
Experience with Jascrypt?, Mr Zebedee
Cosign SSO Authentication Bypass, Jon Oberheide
Application Layer Anti-virus/Firewall, pdp (architect)
Jasypt 1.2 (Java Simplified Encryption) enhances Hibernate support, Daniel Fernández Garrido
WASC Announcement: Web Application Security Statistics Project - Data Published, contact
WASC Meet-Up (Sunnyvale, Ca.) April 18, 2007 @ 6pm, Jeremiah Grossman
Reflection chris shiflett, anurag . agarwal
Any opinions of the effectiveness of Binary Static Analysis?, John Johnson
- Re: Any opinions of the effectiveness of Binary Static Analysis?, Benjamin Livshits
- RE: Any opinions of the effectiveness of Binary Static Analysis?, Debasis Mohanty
CYBSEC Release: SAP Security - Paper & Tool release, Mariano Nuñez Di Croce
Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, pdp (architect)
- Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, Daniel Veditz
- Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug, Thor Larholm
HDIV (Http Data Integrity Validator) 1.1 Released, roberto
Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5], Aditya K Sood
Jikto in the wild, Billy Hoffman
- Re: Jikto in the wild, pdp (architect)
  - RE: Jikto in the wild, Billy Hoffman
From Old Bucket To New : Clobbering Of Global Variables, Aditya K Sood
RE: Preventing Cross-site Request Forgeries, Arian J. Evans
- Re: Preventing Cross-site Request Forgeries, Brian Eaton
- Re: Preventing Cross-site Request Forgeries, Stephen de Vries
  - Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries, Jim Manico
  - Re: [Webappsec] [WEB SECURITY] Preventing Cross-site Request Forgeries, Arian J. Evans
- Re: Preventing Cross-site Request Forgeries, christ1an