The Web Security Mailing List (2007 December)

• Date Index

• [WEB SECURITY] WASC Distributed Open Proxy Honeypot Project in the news, robert
• [WEB SECURITY] Latest round of web hacking incidents for 2007 & Project news, Ofer Shezaf
• [WEB SECURITY] Internet Explorer Download Zones Mix-up leads to XSS, Yair Amit
• [WEB SECURITY] Re: Design flaw in AS3 socket handling allows port probing, fukami
• [WEB SECURITY] Orkut XSS Worm, bugtraq
• [WEB SECURITY] SquirrelMail Server Compromised, Sourcecode Modified, bugtraq
• [WEB SECURITY] Google AJAX SEARCH API and ghdb, Gleb Paharenko
• [WEB SECURITY] Securing & Hardening Linux v1.0, Charalambous Glafkos - ASTALAVISTA the hacking & security community
• [WEB SECURITY] Performing Distributed Brute Forcing of CSRF vulnerable login pages, bugtraq
  • Message not available
    • Re: [WEB SECURITY] Performing Distributed Brute Forcing of CSRF vulnerable login pages, kuza55
  • Re: [WEB SECURITY] Performing Distributed Brute Forcing of CSRF vulnerable login pages, haroon meer
    • Re: [WEB SECURITY] Performing Distributed Brute Forcing of CSRF, bugtraq
• [WEB SECURITY] WASC Announcement: The Script Mapping Project Results, announcements
• [WEB SECURITY] Site which do not pass %0d%0a to Location header, but allows others, Gleb Paharenko
• [WEB SECURITY] burp suite v1.1 released, PortSwigger
  • Re: [WEB SECURITY] burp suite v1.1 released, euronymous
• [WEB SECURITY] suggestion for bachelor thesis?, euronymous
  • Re: [WEB SECURITY] suggestion for bachelor thesis?, Gleb Paharenko
  • Re: [WEB SECURITY] suggestion for bachelor thesis?, Stephen de Vries
    • Re: [WEB SECURITY] suggestion for bachelor thesis?, euronymous
    • Re: [WEB SECURITY] suggestion for bachelor thesis?, Romain Gaucher
• [WEB SECURITY] Best Captcha's?, bugtraq
  • RE: [WEB SECURITY] Best Captcha's?, Truxaw, Matthew
    • Re: [WEB SECURITY] Best Captcha's?, impulse
      • Re: [WEB SECURITY] Best Captcha's?, Romain Gaucher
      • Re: [WEB SECURITY] Best Captcha's?, impulse
      • Re: [WEB SECURITY] Best Captcha's?, Romain Gaucher
      • Re: [WEB SECURITY] Best Captcha's?, Romain Gaucher
      • Re: [WEB SECURITY] Best Captcha's?, joop gerritse
  • <Possible follow-ups>
  • Re: [WEB SECURITY] Best Captcha's?, J. Oquendo
• [WEB SECURITY] Defining scope of a web application pentest!, Vishal Garg
  • <Possible follow-ups>
  • Re: [WEB SECURITY] Defining scope of a web application pentest!, Andre Gironda
• [WEB SECURITY] input validation with servlet filters, Jim Weiler
• [WEB SECURITY] Query: Cross site request forgery vulnerability manual testing, surendra kumar
  • Re: [WEB SECURITY] Query: Cross site request forgery vulnerability manual testing, bugtraq
  • <Possible follow-ups>
  • Re: [WEB SECURITY] Query: Cross site request forgery vulnerability manual testing, Jeff Williams
• [WEB SECURITY] RE: Facebook Beacon Still alive after press release..., Dennis Groves
• Re: [WEB SECURITY] DNS Rebinding (or anti DNS pinning) - it's not just about the Intranet, Kanatoko
• [WEB SECURITY] bypass an escaped character, pUm
  • Re: [WEB SECURITY] bypass an escaped character, Gleb Paharenko
    • Re: [WEB SECURITY] bypass an escaped character, pUm
• Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Luis Matus
  • Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Daniel Herrera
    • RE: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Hoffman, Billy
      • Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, John Terrill
      • Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Arian J. Evans
      • RE: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Daniel Herrera
  • Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Paul Schmehl
  • <Possible follow-ups>
  • Re: [WEB SECURITY] SQL injection question, also vulnerabel to XSS, Daniel Herrera
• [WEB SECURITY] The first release of SWFIntruder is out !, Stefano Di Paola
• [WEB SECURITY] Analyzing the Effectiveness and Coverage of Web Application Scanners - Take II, Ory Segal
• [WEB SECURITY] [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps, AKS aka (0kn0ck)
• Re: [WEB SECURITY] Http splitting does not work with mod_proxy, li bo
• [WEB SECURITY] Introducing GPCul8r, Eric Rachner
• Re: [WEB SECURITY] SQL injection question, Daniel Herrera
  • Re: [WEB SECURITY] SQL injection question, Luis Matus
    • Re: [WEB SECURITY] SQL injection question, Daniel Herrera
  • <Possible follow-ups>
  • Re: [WEB SECURITY] SQL injection question, Srinivasan
    • RE: [WEB SECURITY] SQL injection question, White, Dain P
  • Re: [WEB SECURITY] SQL injection question, Francois Larouche