November 2, 2007 – 6:19 pm
DEMO
This post has been due since the Bank of India hack incident, and was fueled by PDP’s Drive-by Java post, which is a very simple yet well-thought-out extension (sort of) to the Drive-by Download attack. This post aims to provide a clearer understanding of the Drive-by Download attack (via a demo).
Citing Wikipedia, [...]
October 12, 2007 – 5:54 pm
Update: I somehow managed to make a blunder. A part of slide no. 12 was taken from David Kierznowski’s (of GNUCitizen and Blogsecurity group) presentation for OWASP Belgium Conf. I missed out on mentioning David’s name in the credits. Apologies, David. I’ve updated and re-uploaded it.
Yesterday, I presented my first Webinar (Seminar on [...]
By Bipin Upadhyay | Posted in csrf, defacement, google, hack, hackers, humour, life, review, script, security, webappsec, xss
September 13, 2007 – 11:59 am
I know, I know… the title sounds like a cheap promotion ad.
As I mentioned in my previous entry, Giorgio has addressed our (mine and Gareth’s) request to block iframes using NoScript. I must, however, admit that I did not expect it to be this fast. NoScript 1.1.7.1 (SilverNight) is here. The changelog [...]
September 10, 2007 – 3:22 pm
Update: Aah. It’s not that there couldn’t have been any better news :P, but today’s news is that Ma1 has agreed to provide a feature to block frames through NoScript from the next version (1.1.7). NoScript Rocks.
Oh and Yes! Ma1 Rocks too …;)
I have been pretty busy for the last few weeks (and this trend [...]