A page that uses xsrf to digg itself
A page that uses xsrf to digg itself
Proposals for modifications to OAuth so that I will work better outside of the web browser.
An open webservice, that let cute little XSSler store their stolen session credentials
An open webservice, that let cute little XSSler store their stolen session credentials
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.