kuza55.blogspot.com kuza55.blogspot.com

Web Security Research» Alex's Corner

Thursday, July 16, 2009. It's been a while. In any case, I did some presentations recently and thought I should probably put details up here. I also did a talk at RUXCON and 25c3 with Stefano Di Paola. And I even spelled his surname correctly this time! Called Attacking Rich Internet Applications, so here are some materials:. Here is the PoC exploit:. This is just a PoC, have a look through about:config for any string entry you would want to change. Header ("HTTP/1.1 200 OK BR B Mime Type /B : text/h...

http://kuza55.blogspot.com/

TRAFFIC RANK FOR KUZA55.BLOGSPOT.COM

TODAY'S RATING: >1,000,000
TRAFFIC RANK - AVERAGE PER MONTH, BEST MONTH: December
AVERAGE PER DAY OF THE WEEK, HIGHEST TRAFFIC ON: Thursday

CUSTOMER REVIEWS

Average Rating: 4.3 out of 5 with 17 reviews
5 star: 8
4 star: 6
3 star: 3
2 star: 0
1 star: 0

LOAD TIME

0.3 seconds

CONTENT

SCORE

6.2

PAGE TITLE
Web Security Research» Alex's Corner | kuza55.blogspot.com Reviews
<META>
KEYWORDS
1 alex's corner
2 slides
3 paper
4 ruxcon slides
5 25c3 video recordings
6 posted by
7 no comments
8 labels conferences
9 javascript
10 security all
KEYWORDS ON PAGE
alex's corner,slides,paper,ruxcon slides,25c3 video recordings,posted by,no comments,labels conferences,javascript,security all,web app sec,4 comments,ie8 xss filter,people,for more details,script,eval name,location=name;/,ab=c;/,a b =c;/,document cookie
SERVER
GSE
CONTENT-TYPE
utf-8
INTERNAL PAGES

kuza55.blogspot.com kuza55.blogspot.com
1

Web Security Research» Alex's Corner: January 2008

http://kuza55.blogspot.com/2008_01_01_archive.html

Saturday, January 19, 2008. 24c3 Presentation and Research. I did a presentation entitled Unusual Web Bugs. A few weeks ago, for which you can find slides and video for on the first link. However, since some of the things I presented were some of my own research which I haven't posted anywhere, I'll write a couple of posts about that in the next couple of days. There isn't too much though, so there's no need to get your hopes up, and if you've seen the video, you already know it. Links to this post.

2

Web Security Research» Alex's Corner: Is framework-level SQL query caching dangerous?

http://kuza55.blogspot.com/2008/08/is-framework-level-sql-query-caching.html

Sunday, August 03, 2008. Is framework-level SQL query caching dangerous? I was in a bookshop a few months ago and picked up a book about Ruby on Rails, and though I sadly didn't buy it (having already bought more books than I wanted to carry) and I've forgotten its name, there was an interesting gem in there that stuck in my head. But in any case, it still seems dangerous. Assuming that flushing the cache is a fairly granular operation (or there is very little activity on the table or users are stored as ...

3

Web Security Research» Alex's Corner: Dynamic XSS Payloads in the face of NoScript

http://kuza55.blogspot.com/2008/09/dynamic-xss-payloads-in-face-of.html

Wednesday, September 24, 2008. Dynamic XSS Payloads in the face of NoScript. While participating in the CSAW CTF. So, in light of that, I was thinking of how we could load our payload from off-site, without the remote site running JavaScript. Of course, I am assuming you have already bypassed NoScript's XSS Filters (e.g. because the attack was persistent), but this information is particularly useful for persistent attacks when you may want to change the payload. Wednesday, September 24, 2008. It could be...

4

Web Security Research» Alex's Corner: April 2008

http://kuza55.blogspot.com/2008_04_01_archive.html

Saturday, April 12, 2008. How much do you trust your DNS operator? TechCrunch recently broke a story about Network Solutions hijacking users' unused subdomains for advertising. It seems to have only applied to people using Network Solutions for their shared hosting, and seems to have been removed now. (None of the IPs I tested on the same machine returned advertising for their non-existent subdomains) And on top of that we know that anyone who is on shared hosting is pretty easy pickings. Now you may tru...

5

Web Security Research» Alex's Corner: It's been a while

http://kuza55.blogspot.com/2008/09/its-been-while.html

TOTAL PAGES IN THIS WEBSITE

19

LINKS TO THIS WEBSITE

thespanner.co.uk thespanner.co.uk

RPO

http://www.thespanner.co.uk/2014/03/21/rpo

Javascript blog with messed up syntax inside. Friday, 21 March 2014. https://hackvertor.co.uk/public. <link href="styles.css" rel="stylesheet" type="text/css" />. The link element above references style.css using a relative URL, depending where in the site's directory structure you are it will load the style sheet based on that. For example if you were in a directory called xyz then the style sheet would be loaded from xyz/style.css . I noticed something interesting with relative styles, manipulating the path of ...

nomoreroot.blogspot.com nomoreroot.blogspot.com

No More Root: August 2008

http://nomoreroot.blogspot.com/2008_08_01_archive.html

Information security, exploits, database security, web application security, windows security, hacking, 0day, whatever, etc. Aug 30, 2008. Since IE8 beta2 is out I downloaded and installed it, I wanted to take a look at the brand new XSS filter ( See here. 1) Basically I wanted to see how good it's at filtering XSS, I tried some tricks and it seems to work fine filtering all known XSS attack vectors, etc. So far very good work of MS people. After continuing testing the XSS filter I got a bit disappointed.

soroush.secproject.com soroush.secproject.com

Soroush Dalili Links - Domains

https://soroush.secproject.com/links

http://www.secproject.com/. http://www.twitter.com/irsdl. http://soroush.secproject.com/. http://dalili.secproject.com/. http://irsdl.secproject.com/. http://dalili.soroush.me/. http://irsdl1.wordpress.com/. Source: http://www.owasp.org/index.php/Feed. ACE Team – Microsoft. Adam Boulton’s Blog. Adam Shostack – Emergent Chaos. Andrew Jacquith – securitymetrics. Andrew van der Stock – cat slave diary. Andy Steingruebl – Security Retentive. Anton Chuvakin Blog – "Security Warrior". Dark Reading: Snake Bytes.

websec.wordpress.com websec.wordpress.com

Papers | Reiners' Weblog

https://websec.wordpress.com/papers

Anything about Web Security. Code Reuse Attacks in PHP: Automated POP Chain Generation. Johannes Dahse, Nikolai Krein, Thorsten Holz. 21st ACM Conference on Computer and Communications Security (CCS). Scottsdale, Arizona, USA, November 2014. Best Student Paper Award *. Static Detection of Second-Order Vulnerabilities in Web Applications. Johannes Dahse, Thorsten Holz. 23rd USENIX Security Symposium. San Diego, CA, USA, August 2014. Internet Defense Prize *. Johannes Dahse, Thorsten Holz.

seguranca-informatica.net seguranca-informatica.net

Segurança Informática: plane hacking

http://www.seguranca-informatica.net/2015/05/plane-hacking.html

Blog with commentary and news about computer security and the dependability of computers and networks - http://www.seguranca-informatica.net/. Breaking: The security researcher was able to issue a climb command and make the plane change course, the document states." And this coming from an industry that has always taken safety very seriously :-(. Feds Say That Banned Researcher Commandeered a Plane - Wired.com. Segurança no Software - Book. Top data breaches 2015. Beyond Stuxnet. Mind Streams ...

seguranca-informatica.net seguranca-informatica.net

Segurança Informática: Where not to store passwords

http://www.seguranca-informatica.net/2015/04/onde-nao-guardar-passwords.html

Blog with commentary and news about computer security and the dependability of computers and networks - http://www.seguranca-informatica.net/. Where not to store passwords. Segurança no Software - Book. Top data breaches 2015. The 2015 top 10s begin: Biggest data breaches of 2015 From Ashley Madison to VTech it has been a nasty data breach yea. Beyond Stuxnet. Stuxnet - the movie. Security lessons from a 007 film. News: ZDNet Zero Day. News: Schneier on Security. Dragos Lungu Dot Com.

seguranca-informatica.net seguranca-informatica.net

Segurança Informática: NSA toys for everyone

http://www.seguranca-informatica.net/2015/08/os-brinquedos-da-nsa.html

Blog with commentary and news about computer security and the dependability of computers and networks - http://www.seguranca-informatica.net/. NSA toys for everyone. When Der Spiegel and Jacob Appelbaum published leaked pages of the National Security Agency's ANT Catalog. In less than 18 months since the catalog's leak, the NSA Playset. —the infamous bug Soviet spies planted inside the US Embassy in Moscow.)". Full article at ArsTechnica. Segurança no Software - Book. Top data breaches 2015.

seguranca-informatica.net seguranca-informatica.net

Segurança Informática: Seccubus

http://www.seguranca-informatica.net/2015/04/seccubus.html

Blog with commentary and news about computer security and the dependability of computers and networks - http://www.seguranca-informatica.net/. Seccubus automates vulnerability scanning with: Nessus, OpenVAS, NMap, SSLyze, Burp, Medusa, SkipFish, OWASP ZAP and SSLlabs. Segurança no Software - Book. Top data breaches 2015. The 2015 top 10s begin: Biggest data breaches of 2015 From Ashley Madison to VTech it has been a nasty data breach yea. Beyond Stuxnet. Stuxnet - the movie. Dragos Lungu Dot Com.

seguranca-informatica.net seguranca-informatica.net

Segurança Informática: Avoiding design vulnerabilities in software

http://www.seguranca-informatica.net/2015/03/evitar-vulnerabilidades-de-projecto-no.html

Blog with commentary and news about computer security and the dependability of computers and networks - http://www.seguranca-informatica.net/. Avoiding design vulnerabilities in software. There is a lot of work on avoiding coding vulnerabilities. This document is about avoiding design vulnerabilities:. AVOIDING THE TOP 10 SOFTWARE SECURITY DESIGN FLAWS (pdf). Segurança no Software - Book. Top data breaches 2015. Beyond Stuxnet. Stuxnet - the movie. Security lessons from a 007 film.

xssed.org xssed.org

Links | XSSed.com

http://www.xssed.org/links

D1ms IT security blog. Our Brazilian friends of Zone-H. RSnake's and id's web application security blog. RSnake's and id's web application security forum. Kuza55's web security related blog. Sid's homepage. Author of the XSS Assistant. Script for the Greasemonkey. Firefox extension. It allows submitting of XSS vulnerabilities to our archive. Home of the famous ICT security conference. Also one of the best ICT security forums on the web. Russ McRee's website and blog. This site has been created by p3lo. In order...

TOTAL LINKS TO THIS WEBSITE

118

OTHER SITES

kuza.org kuza.org

Moj kuža – Dogs are not our whole life, but they make our lives whole. ~Roger Caras

Dogs are not our whole life, but they make our lives whole. Roger Caras. November 14, 2017. July 7, 2017. Wanting to visit a lake, today we set off on our first visit to the Belopeška lakes. So Sinbad and I took this little picture. May 30, 2017. The ball is still my favourite toy. May 28, 2017. May 17, 2017. A dog's “suffering”. April 25, 2017. Happy New Year 2017. December 24, 2016. Christmas Vienna with sightseeing. December 16, 2015. So I told him in his ear. March 13, 2015. December 30, 2014.

kuza.si kuza.si

Moj Kuza | Grooming salon for large and small dogs

Was born out of love for four-legged friends. We take care of the grooming and well-being of both large and small dogs. Clipping to breed standards. We are also happy to adapt to your wishes. While your pet enjoys its grooming, you can do your daily shopping near the salon or treat yourself to a coffee. After the treatment, a treat awaits every little dog, so do come and see us :). We look forward to seeing you, Moj kuža. Connect with us. Professional dog grooming salon.

kuza.skyrock.com kuza.skyrock.com

kuza's blog - Blog de kuza - Skyrock.com

11/03/2013 at 3:26 PM. 11/03/2013 at 3:47 PM. Fate is what decides: whom you will. Subscribe to my blog! Fate is what decides: whom you will meet in your life! The author of this blog only accepts comments from friends. You haven't logged in. Click here to post a comment using your Skyrock username. And a link to your blog, as well as your photo, will be automatically added to your comment. Posted on Monday, 11 March 2013 at 3:47 PM. Post to my blog. Here you are free.

kuza18.skyrock.com kuza18.skyrock.com

Kuza18's blog - Blog de Kuza18 - Skyrock.com

30/06/2015 at 10:12 AM. 30/06/2015 at 10:12 AM. Subscribe to my blog! This blog has no articles. Post to my blog. Here you are free.

kuza9.deviantart.com kuza9.deviantart.com

kuza9 (RIP Black Hair 8/17/08) - DeviantArt

Join DeviantArt for FREE. Forgot Password or Username? RIP Black Hair 8/17/08. Deviant for 9 Years. This deviant's full pageview. Last Visit: 246 weeks ago. You can drag and drop to rearrange.

kuzaa.deviantart.com kuzaa.deviantart.com

Kuzaa (...Gnohoho...) - DeviantArt

Join DeviantArt for FREE. Forgot Password or Username? Deviant for 5 Years. This deviant's full pageview. Last Visit: 237 weeks ago. This is the place where you can personalize your profile!

kuzaafrica.com kuzaafrica.com

Kuza Africa

By enabling the farmer to get more out of his land and encouraging more people to get involved in agribusiness we shall increase food security. Africa’s new crop of farmers. Nigerian pop star D’banj rocked the entertainment scene when he said that the Koko Master has now become the Coco Farmer. Agriculture is the crux of civilization. If Africa is to advance, the continent must invest in agriculture and ensure food security. How do we do we end hunger in Africa? Growing plants without soil?

kuzaafrica.org kuzaafrica.org

kuzaafrica.org

Welcome to: kuzaafrica.org. This Web page is parked for FREE, courtesy of GoDaddy.com. Search for domains similar to. Is this your domain? Let's turn it into a website! Would you like to buy this. THE domain at THE price. Visit GoDaddy.com for the best values on. Restrictions apply. See website for details.