Kuskos|January 12, 2016

Top 10 Web Hacking Techniques of 2015

UPDATE – 4/20/2016 We have our Top 10 list folks! After a lot of coordination, research, voting by the community and...

CONTINUE READING
Robert Hansen|February 10, 2014

List of Common HTTP Headers

Every few months I find myself looking up up the syntax of a relatively obscure, common HTTP headers. Regularly I...

CONTINUE READING
Carlos Munoz|December 4, 2013

Bypassing Internet Explorer’s Anti-XSS Filter

There’s a problem with the reflective Cross Site Scripting (“XSS”) filter in Microsoft’s Internet Explorer family of browsers that extends...

CONTINUE READING
Jeremiah Grossman|November 7, 2012

7 Ways Vulnerability Scanners May Harm Websites and What To Do About It

Whether we like it or not, whether we want them to or not, whether it’s legal or not, there are...

CONTINUE READING
Robert Hansen|May 28, 2011

Magic Hashes

For more than the last decade, PHP programmers have been wrestling with the equals-equals (==) operator. It’s caused a lot...

CONTINUE READING
Jeremiah Grossman|May 25, 2011

4 Tips to Get a Conference “Call for Papers” Submission Accepted

If you’ve done unique research in information security, work that others would be interested in learning, the conference circuit provides...

CONTINUE READING