Archive for October, 2007

Operation n: Evolution

Just to give our readers a heads up, you would have noticed Wooshy has joined in the project and has been releasing some cracking content.

What’s more, michaeldaw . org has been evolving for some time! I’ve been tossing and turning in my bed at night and in my mind during the day to try to find [...]


Never trust a stranger…

No it’s not about stalking, this time. But trust relationships are firmly on my mind and I ain’t talking about my private life neither!
As you may know there’s lots of trust relationships in computing. Those of you who love Microsoft would know about trust relationships from back in the day. And to me, they are [...]


XSS tutorial & filtering

I found this interesting site on XSS. It’s a good tutorial if you want to show a newbie/novice something. And certainly demonstrates XSS and cookie stealing quite handily.
http://www.steve.org.uk/Hacks/XSS/index.html
It’s a bit thin on the XSS filtering side. There really should be a white paper on XSS filtering techniques. If not, why the hell not! The following [...]


Facebook used against you!

This is taken from a newspaper a week or two ago… And I would have used its title ‘Facebook doggers suspended’ but you may get the wrong idea!
Two pupils have been suspended from a private school after they were found to be members of a ‘dogging’ group featured in Facebook.
The Reigate Grammar School students were [...]


Undisclosed Authenticated XSS

Some cross-site scripting (XSS) attacks only occur when you are logged in. Now one corporate web content management system that I was testing did not appear to have any significant vulnerabilities listed on any of the main security sites. So I was a bit surprised to find an XSS issue in accessing the profile of [...]