Scuttle

Tags: websec

Sort by: Date / Title / URL

1. How to defeat digg.com
   A page that uses xsrf to digg itself
   16-06-2006 to sessionriding, websec, xsrf by shampoo and -1 others
2. How to defeat digg.com
   A page that uses xsrf to digg itself
   16-06-2006 to sessionriding, websec, xsrf by datenkeller and -1 others
3. How to Create Secure Web Applications with Struts @ SYS-CON BELGIUM
   20-03-2006 to devel, java, security, websec by shampoo and -1 others
4. How to Create Secure Web Applications with Struts @ SYS-CON BELGIUM
   20-03-2006 to devel, java, security, websec by datenkeller and -1 others
5. Fixing OAuth
   Proposals for modifications to OAuth so that I will work better outside of the web browser.
   24-02-2009 to credentials, oauth, security, websec by shampoo and -1 others
6. PortSwigger.net - web application security: Introducing Burp Sequencer
   22-10-2007 to security, tools, websec by shampoo and -1 others
7. Community cookie logger
   An open webservice, that let cute little XSSler store their stolen session credentials
   30-08-2006 to security, websec, xss by shampoo and -1 others
8. Community cookie logger
   An open webservice, that let cute little XSSler store their stolen session credentials
   30-08-2006 to security, websec, xss by datenkeller and -1 others
9. Skipfish
   Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
   21-03-2010 to blackbox, google, opensource, tools, websec by shampoo and -1 others
10. Skipfish
    Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.
    21-03-2010 to security, software, sysadmin, tool, webdev, websec by totpunk and -1 others

First / Previous / Next / Last / Page 1 of 9