Tags: java + cross-site-scripting(xss)

  1. If it were up to hackers, they would prefer to leave no traces at all. An XSRF attack (Cross-Site Request Forgery, XSRF, CSRF) is based on forged requests that are executed because the web server, to a supposedly authenticated
  2. Cross-Site Request Forgery (CSRF) is a type of attack that occurs when a malicious Web site, email, blog, instant message, or program causes a user’s Web browser to perform an unwanted action on a trusted site for which the user is currently authenticat
  3. This is the start of a short series outlining the topic of “web security”. In it I will use concrete attack scenarios to cover the techniques XSS, session hijacking + session fixation, SQL injection and CSRF. We lay the foundation with
  4. Details on CSRF protection in CodeIgniter 2.0 Cross Site Request Forgery (CSRF) is one of the most widespread vulnerabilities in web applications. As announced, CodeIgniter 2.0 will include built-in CSRF protection. This I would now like to
  5. ModSecurity Content Injection Demo: XSS Defense with Active Content Signatures The purpose of this demo is to show possible XSS defenses by using ModSecurity's Content Injection capability to insert defensive JavaScript at the beginning of HTML responses.
  6. Have you ever had the need for higher security in one of your applications? Then you are probably familiar with the following topic. If not, I am going to tell you a little bit about attacks and web application security before we move over to implement a
  7. The purpose of this demo is to show possible XSS defenses by using ModSecurity's Content Injection capability to insert defensive JavaScript at the beginning of HTML responses. This demo uses Eduardo (sirdarckcat) Vela's Active Content Signatures (ACS) c
  8. Make Your Java Web Applications Impervious to Cross-site Scripting
  9. We can briefly define HDIV as a Java Web Application Security Framework. HDIV extends web applications’ behaviour by adding Security functionalities, maintaining the API and the framework specification. This implies that we can use HDIV in applications
  10. JSF already has built-in protection against CSRF by the javax.faces.ViewState hidden field which is to be linked with the state of the component tree on the server side. If this hidden field is missing or contains a wrong value, then JSF simply won't proc
