security.websecurity (thread)

WASC Distributed Open Proxy Honeypot Project in the news, robert
Latest round of web hacking incidents for 2007 & Project news, Ofer Shezaf
Internet Explorer Download Zones Mix-up leads to XSS, Yair Amit
Re: Design flaw in AS3 socket handling allows port probing, fukami
Orkut XSS Worm, bugtraq
SquirrelMail Server Compromised, Sourcecode Modified, bugtraq
Google AJAX SEARCH API and ghdb, Gleb Paharenko
Securing & Hardening Linux v1.0, Charalambous Glafkos - ASTALAVISTA the hacking & security community
Performing Distributed Brute Forcing of CSRF vulnerable login pages, bugtraq
- Re: Performing Distributed Brute Forcing of CSRF vulnerable login pages, kuza55
- Re: Performing Distributed Brute Forcing of CSRF vulnerable login pages, haroon meer
  - Re: Performing Distributed Brute Forcing of CSRF, bugtraq
WASC Announcement: The Script Mapping Project Results, announcements
Site which do not pass %0d%0a to Location header, but allows others, Gleb Paharenko
burp suite v1.1 released, PortSwigger
- Re: burp suite v1.1 released, euronymous
suggestion for bachelor thesis?, euronymous
- Re: suggestion for bachelor thesis?, Gleb Paharenko
- Re: suggestion for bachelor thesis?, Stephen de Vries
  - Re: suggestion for bachelor thesis?, euronymous
  - Re: suggestion for bachelor thesis?, Romain Gaucher
Best Captcha's?, bugtraq
- RE: Best Captcha's?, Truxaw, Matthew
  - Re: Best Captcha's?, impulse
    - Re: Best Captcha's?, Romain Gaucher
    - Re: Best Captcha's?, impulse
    - Re: Best Captcha's?, Romain Gaucher
    - Re: Best Captcha's?, Romain Gaucher
    - Re: Best Captcha's?, joop gerritse
- Re: Best Captcha's?, J. Oquendo
Defining scope of a web application pentest!, Vishal Garg
- Re: Defining scope of a web application pentest!, Andre Gironda
input validation with servlet filters, Jim Weiler
Query: Cross site request forgery vulnerability manual testing, surendra kumar
- Re: Query: Cross site request forgery vulnerability manual testing, bugtraq
- Re: Query: Cross site request forgery vulnerability manual testing, Jeff Williams
RE: Facebook Beacon Still alive after press release..., Dennis Groves
Re: DNS Rebinding (or anti DNS pinning) - it's not just about the Intranet, Kanatoko
bypass an escaped character, pUm
- Re: bypass an escaped character, Gleb Paharenko
  - Re: bypass an escaped character, pUm
SecNiche Garbage Dumps on mailinglists, Lamer Buster
Re: SQL injection question, also vulnerabel to XSS, Luis Matus
- Re: SQL injection question, also vulnerabel to XSS, Daniel Herrera
  - RE: SQL injection question, also vulnerabel to XSS, Hoffman, Billy
    - Re: SQL injection question, also vulnerabel to XSS, John Terrill
    - Re: SQL injection question, also vulnerabel to XSS, Arian J. Evans
    - RE: SQL injection question, also vulnerabel to XSS, Daniel Herrera
- Re: SQL injection question, also vulnerabel to XSS, Paul Schmehl
- Re: SQL injection question, also vulnerabel to XSS, Daniel Herrera
The first release of SWFIntruder is out !, Stefano Di Paola
Analyzing the Effectiveness and Coverage of Web Application Scanners - Take II, Ory Segal
[WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps, AKS aka (0kn0ck)
Re: Http splitting does not work with mod_proxy, li bo
Introducing GPCul8r, Eric Rachner
Re: SQL injection question, Zapotek
- RE: SQL injection question, Truxaw, Matthew
- Re: SQL injection question, Daniel Herrera
  - Re: SQL injection question, Luis Matus
    - Re: SQL injection question, Daniel Herrera
- Re: SQL injection question, Srinivasan
  - RE: SQL injection question, White, Dain P
- Re: SQL injection question, Francois Larouche