Friday, 28 March 2008

Langy explains very well how to fix XSS vulnerabilities using htmlentities, htmlspecialchars and stip_tags PHP functions. Plain and simple ways that fix 99% of XSS vulns.

Wednesday, 27 February 2008

An article about the basics of cross-site scripting.

Sunday, 6 January 2008

SlicK from Romanian Security Team, has written a very interesting paper about the way Yahoo! authenticates their users. Provides and in-depth analysis and explanation of Yahoo! cookies. It also includes the PHP code of the "yahoo64" algorithm.

Saturday, 3 November 2007

This is an interesting read about CSRF attacks, covering the difference between XSS and CSRF, attack points and possible prevention solutions. Code examples are provided.

Friday, 2 November 2007

Our friend Nexus has written a fresh and very interesting paper on how to prevent CSRF attacks.

Wednesday, 31 October 2007

The best FAQ about cross-site scripting. Answers and questions on identification, threats, and prevention with examples and links. A must read if your site is XSS attacked.

1 2 3 4 5