Tweets
The X-Frame-Options header is going away. https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options …
Exploit PHP’s mail() to get remote code execution http://pocket.co/sAX8w
Dirty Browser Enumeration Tricks – Using Chrome:// and about: to Detect Firefox & Plugins - http://thehackerblog.com/dirty-browser-enumeration-tricks-using-chrome-and-about-to-detect-firefox-plugins/ …
ERNW’s Top 9 Burp Plugins - http://www.insinuator.net/2014/08/ernws-top-9-burp-plugins/ …
Oh hey, everyone: crypto challenge set 7 is up now. http://cryptopals.com/sets/7/
Exploiting XPath injection vulnerabilities with XCat http://tomforb.es/exploiting-xpath-injection-vulnerabilities-with-xcat-1 …
the Public Suffix List and the need for that is one of the uglier corners of current web protocols if you ask me
#Google Chrome #XSS auditor Bypass - http://packetstormsecurity.com/files/128104/Google-Chrome-31.0-XSS-Auditor-Bypass.html …
Interesting Kickstarter project: "CANBus Triple – The car hacking platform" https://www.kickstarter.com/projects/etx/canbus-triple-the-car-hacking-platform …
Here's frequency data for 10 google app keys, clearly not uniformly random pic.twitter.com/meVAm16xoh
Uninit memory disclosure fixed in Firefox: http://lcamtuf.blogspot.com/2014/09/cve-2014-1564-uninitialized-memory-when.html …
Bypassing ClearClick and X-Frame-Options:Visible http://homakov.blogspot.de/2014/09/bypassing-clearclick-and-x-frame.html …
Technical analysis of client identification mechanisms - https://sites.google.com/a/chromium.org/dev/Home/chromium-security/client-identification-mechanisms …
Predicting the next Math.random() in Java http://zite.to/1u9VTji
[Tutorial] - How to use BurpCSJ extension for Burp proxy with authentication: http://bit.ly/burpcsj-auth
RT @0x6D6172696F This should be the shortest XSS variant of the MSIE CSS parser glitch: <i/style=x=x/**/(alert(1))('\')expression\')>
Android Browser Same Origin Policy Bypass - http://www.rafayhackingarticles.net/2014/08/android-browser-same-origin-policy.html …
After 3 months of insolvency & having a buyer for 1.5months, they back up on the closing day and the entire company is fired #noworkonmonday
Character set quirks in particular browsers, useful for XSS exploitation - http://l0.cm/encodings/test1/ …

