cross-site scripting

Introducing Burp Correlator!

This one is for you web penetration testers!  This new Burp extension is designed to help with efficiency when you are testing a complex application full of parameters or a series of applications and just do not have enough time to thoroughly analyze each one.  It analyzes all the parameters in your in-scope traffic and …


CarolinaCon 11 Slides for Anatomy of Web Client Attack

For those who have asked – my slide deck for Anatomy of Web Client Attacks can be downloaded here. Jason Gillam is a Senior Security Consultant with Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at, on Twitter @JGillam, or visit the …


We Can’t Rely on the Browser for Protection

A large part of doing security consulting is providing proper mitigations and recommendations to our clients. Sure, the testing is the exciting part, but it is the recommendations that are going to have the greatest impact on our clients' security. It is our goal to help make the security posture better, not set a record …
