Posts Tagged ‘cross-site scripting’


Introducing Burp Correlator!

August 14, 2015

This one is for you web penetration testers!  This new Burp extension is designed to help with efficiency when you are testing a complex application full of parameters or a […]


Don’t Forget the Little Things!

March 26, 2015

On January 31st, Deusen disclosed what was described as a Same Origin Policy Bypass flaw called “Universal XSS (U-XSS)” in IE 9 through 11 on Full Disclosure.  This zero-day is […]


CarolinaCon 11 Slides for Anatomy of Web Client Attack

March 21, 2015

For those who have asked – my slide deck for Anatomy of Web Client Attacks can be downloaded here. Jason Gillam is a Senior Security Consultant with Secure Ideas. If […]


We Can’t Rely on the Browser for Protection

September 12, 2013

 A large part of doing security consulting is providing proper mitigations and recommendations to our clients.  Sure, the testing is the exciting part, but it is the recommendations that are […]