Re: [SC-L] JavaScript Hijacking

2007-04-02 Thread Stefano Di Paola
Brian, I don't know if you read it, but Giorgio Fedon and I presented a paper named Subverting Ajax at the 23rd CCC Congress (4th section, XSS Prototype Hijacking): http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf It described a technique called Prototype Hijacking,

[SC-L] DOMinator - The DOMXss Analyzer Tool - is finally public

2011-05-18 Thread Stefano Di Paola
Stefano Di Paola Software Security Engineer Owasp Italy RD Director Web: www.wisec.it Twitter: http://twitter.com/WisecWisec

[SC-L] jQuery is a Sink

2011-07-28 Thread Stefano Di Paola
Guys, maybe the client-side security people may be interested: http://blog.mindedsecurity.com/2011/07/jquery-is-sink.html Cheers, Stefano