Category Archives: Security

Security Bookmarklets

Posted on January 28, 2008 by Fernando

I took a couple of days from my school vacation to write 3 bookmarklets that will help me when auditing web sites, I’d like to share them here because I know that they’ll help some of my friends, and probably … Continue reading →

Posted in English, Programming, Security, Uncategorized | Tagged firefox, ie, Security | Leave a comment

Firefox 2.0.0.10 released

Posted on November 27, 2007 by Fernando

Mozilla Corporation just released Firefox 2.0.0.10 which includes fixes against JAR uri attacks. This issue affected browsers that used Gecko engine, a quick check showed me that only K-meleon browser was also updated, however there are several Gecko based web … Continue reading →

Posted in English, Security, XSS | Tagged firefox, gecko, jar, mozilla, Security, XSS | Leave a comment

Google Gadgets XSS (IE6/Opera)

Posted on November 25, 2007 by Fernando

There is a recent discussion on ha.ckers.org regarding a possible CSRF that could allow an attacker to inject an evil gadget on someobdy else’s iGoogle page. After checking the format of the xml file used to define the gadgets properties, … Continue reading →

Posted in English, Security, XSS | Tagged google, ie, Security, xml, XSS | 2 Comments

Category Archives: Security

Security Bookmarklets

Firefox 2.0.0.10 released

Google Gadgets XSS (IE6/Opera)

Archives

Meta