security.websecurity (date)

August 31, 2007

WHITE PAPER: For my next trick… hacking Web2.0, pdp (architect)
Re: Further CSS Firefox demo, gaz_sec
Re: Further CSS Firefox demo, Joshua Ross
Re: Further CSS Firefox demo, Esam Gharish
Re: Further CSS Firefox demo, gaz_sec
Re: Further CSS Firefox demo, Esam Gharish
Further CSS Firefox demo, gaz_sec
Re: firefox extension for looping through a form?, Deeþan Chakravarthy
Re: How to detect XSS in an automated fashion, gaz_sec
firefox extension for looping through a form?, offset

August 30, 2007

Scanning internal Lan using PHP remote file opening., Stefano Di Paola
Re: How to detect XSS in an automated fashion, James Landis
Re: Why JSON/JavaScript hijacking only works on Mozilla, Daniel Veditz
RE: How to detect XSS in an automated fashion, Billy Hoffman
Re: firefox3 vuln by design?, Thomas Roessler
RE: How to detect XSS in an automated fashion, gaz_sec
Re: How to detect XSS in an automated fashion, Romain Gaucher
RE: How to detect XSS in an automated fashion, gaz_sec
RE: How to detect XSS in an automated fashion, Billy Hoffman
RE: How to detect XSS in an automated fashion, gaz_sec
RE: Why JSON/JavaScript hijacking only works on Mozilla, Billy Hoffman

August 29, 2007

Re: HTTP Proxy for thick clients, rajat swarup
Re: How to detect XSS in an automated fashion, gaz_sec
Re: Why JSON/JavaScript hijacking only works on Mozilla, Daniel Veditz
How to detect XSS in an automated fashion, Travis Altman
Re: firefox3 vuln by design?, gaz_sec
RE: HTTP Proxy for thick clients, Ofer Shezaf
Re: Why JSON/JavaScript hijacking only works on Mozilla, Daniel Veditz
Re: HTTP Proxy for thick clients, Rogan Dawes
Re: HTTP Proxy for thick clients, Shreeraj Shah
Re: HTTP Proxy for thick clients, Jeffory Atkinson
Re: HTTP Proxy for thick clients, bugtraq
24th Chaos Communication Congress 2007: Call for Participation, fukami
HTTP Proxy for thick clients, Huan Chi
firefox3 vuln by design?, bugtraq

August 27, 2007

Why JSON/JavaScript hijacking only works on Mozilla, Billy Hoffman
WASC Announcement: 'Script Mapping Project' Call for Participants, announcements
Re: Firefox CSS flaws, gaz_sec

August 26, 2007

Re: Firefox CSS flaws, Brian Eaton
Re: Firefox CSS flaws, Michael Vergoz
Intrusion Detection with Heterogenous Sensors, Bjoern Weiland
Re: Firefox CSS flaws, Brian Eaton

August 24, 2007

Firefox CSS flaws, gaz_sec
CCWAPSS : a Comprehensive security scoring method, Frederic Charpentier

August 22, 2007

Re: Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system., Ezequiel Gutesman
Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system., Ezequiel Gutesman

August 21, 2007

Re: Cenzic sues SPI Dynamics over Fault Injection, Mark Andrews

August 20, 2007

Re: Cenzic sues SPI Dynamics over Fault Injection, James Landis
Re: Cenzic sues SPI Dynamics over Fault Injection, Steve Orrin
Cenzic sues SPI Dynamics over Fault Injection, robert

August 17, 2007

Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Pranay Kanwar
Know Your Enemy: Malicious Web Servers, Ryan Barnett
Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Steven M. Christey

August 16, 2007

Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Pranay Kanwar
Another Oracle Forensics Paper..., David Litchfield
Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulner, Steven M. Christey

August 15, 2007

Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, J. Oquendo
Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulner, security curmudgeon
Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood
SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood
Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers, Amit Klein
Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers, Amit Klein
Re: [WEB SECURITY] Seeking feedback on proposed security restriction in the browsers, Amit Klein
Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood
Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Debasis Mohanty
Re: Rough Cut of To-Be-Published Ajax Security, pdp (architect)
RE: Rough Cut of To-Be-Published Ajax Security, Billy Hoffman
SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability, Aditya K Sood

August 14, 2007

Re: Rough Cut of To-Be-Published Ajax Security, Dean H. Saxe

August 13, 2007

WASC Announcement: 'WASSEC Project' Call for Participants, announcements
Re: Seeking feedback on proposed security restriction in the browsers, James Landis
Re: Seeking feedback on proposed security restriction in the browsers, Andy Steingruebl
Re: Seeking feedback on proposed security restriction in the browsers, Gervase Markham
Re: Seeking feedback on proposed security restriction in the browsers, anurag . agarwal
Re: Seeking feedback on proposed security restriction in the browsers, Brian Eaton
Re: SQL Injection, ORDER BY plus DROP TABLE, Ali Soylu
Re: SQL Injection, ORDER BY plus DROP TABLE, Prasad Shenoy

August 12, 2007

Did webapp developers learn from Samy worm?, Anurag Agarwal
SQL Injection, ORDER BY plus DROP TABLE, Harry Muchow
Re: Seeking feedback on proposed security restriction in the browsers, pdp (architect)
Re: Seeking feedback on proposed security restriction in the browsers, pdp (architect)
Re: Seeking feedback on proposed security restriction in the browsers, anurag . agarwal
Re: Seeking feedback on proposed security restriction in the browsers, anurag . agarwal
Re: Seeking feedback on proposed security restriction in the browsers, anurag . agarwal
Facebook Homepage Source Code Probably Leaked, pdp (architect)
RE: Rough Cut of To-Be-Published Ajax Security, Billy Hoffman
Re: Seeking feedback on proposed security restriction in the browsers, andre

August 11, 2007

Re: Seeking feedback on proposed security restriction in the browsers, Jeremiah Grossman
Re: Seeking feedback on proposed security restriction in the browsers, Jeremiah Grossman
Re: Seeking feedback on proposed security restriction in the browsers, pdp (architect)
Re: Seeking feedback on proposed security restriction in the browsers, Amit Klein
Re: Seeking feedback on proposed security restriction in the browsers, Amit Klein
RE: Seeking feedback on proposed security restriction in the browsers, Ory Segal
Re: Seeking feedback on proposed security restriction in the browsers, Prasad Shenoy
Re: Seeking feedback on proposed security restriction in the browsers, Ryan Barnett
Re: Seeking feedback on proposed security restriction in the browsers, Brian Eaton
Rough Cut of To-Be-Published Ajax Security, Andre Gironda

August 10, 2007

Re: Seeking feedback on proposed security restriction in the browsers, anurag . agarwal
Re: Seeking feedback on proposed security restriction in the browsers, Jeremiah Grossman
Re: Seeking feedback on proposed security restriction in the browsers, Amit Klein
Seeking feedback on proposed security restriction in the browsers, Anurag Agarwal
New Oracle Forensics Paper, David Litchfield
BlackHat/Defcon 2007 Timing Stuff Released.., haroon
Re: What do security researchers want in a security disclosure policy to reduce their liability?, Mark Andrews
Re: What do security researchers want in a security disclosure policy to reduce their liability?, Bubba Gump

August 09, 2007

Re: MachineID fingerprinting, Andy Steingruebl
Re: MachineID fingerprinting, Mike Fratto
What do security researchers want in a security disclosure policy to reduce their liability?, Andy Steingruebl
Design flaw in AS3 socket handling allows port probing, fukami

August 08, 2007

Re: [Mlabs-SecNiche] Bug Wars : The Lost Matrix of Security Vectors, Prasad Shenoy
Re: MachineID fingerprinting, Brian Eaton
RE: MachineID fingerprinting, Billy Hoffman
[Mlabs-SecNiche] Bug Wars : The Lost Matrix of Security Vectors, Aditya K Sood
Re: MachineID fingerprinting, GadgetTrak
Re: MachineID fingerprinting, robert
RE: MachineID fingerprinting, Billy Hoffman
Re: MachineID fingerprinting, robert
Re: MachineID fingerprinting, Esam Gharish
Re: MachineID fingerprinting, Brian Eaton
RE: MachineID fingerprinting, Tom Stripling
RE: MachineID fingerprinting, Mario Contestabile
Re: MachineID fingerprinting, Walt Williams
RE: MachineID fingerprinting, Glenn.Everhart
Re: MachineID fingerprinting, robert
Re: MachineID fingerprinting, Daniel McLaughlin
Re: MachineID fingerprinting, robert
RE: MachineID fingerprinting, White, Dain P
Re: MachineID fingerprinting, robert
RE: MachineID fingerprinting, robert.purvis
MachineID fingerprinting, robert

August 07, 2007

RE: Risk in Validating new password at client side, Joe Yeager
Mozilla Releases JavaScript Fuzzer, bugtraq
Pictures from WASC/OWASP party in vegas, robert

August 06, 2007

Re: Risk in Validating new password at client side, Chris Varenhorst
Re: Risk in Validating new password at client side, Pranay Kanwar
RE: Risk in Validating new password at client side, White, Dain P
Risk in Validating new password at client side, Appsec Punter

August 05, 2007

Re: List slowdown during blackhat, robert
RE: False Positives with .NET's Request Validation?, James Strassburg

August 04, 2007

Re: False Positives with .NET's Request Validation?, Arian J. Evans

August 01, 2007

Re: [WEB SECURITY] *****SPAM***** New Wordpress 2.2.1 Vulnerabilities and the First Weblog XSS Worm, neil-webappsec-org