Tag: csrf

Slides: Security Implication of the Cross-Origin Resource Sharing

As I mentioned in the CORS: Attack scenarios and the CORS: Attacker Model posts, I held the presentation about the security of CORS at the Hacktivity conference in Budapest. The presentation slides can be downloaded from here. If you have any questions to the topic, then let me know.
Continue reading

CORS: Attack scenarios

I was preparing myself for the Hacktivity conference in Budapest, where I talked about the security of the Cross-Origin Resource Sharing (CORS). As part of the preparation I summarised my thoughts in a couple of blog posts. This is one of them.

As a follow up of my previous post, I would like to continue with the short analysis of the threats and attack scenarios which could exploit CORS.
Continue reading

Here it is, the file upload CSRF

Recently I wanted to do a Cross Site Request Forgery Proof-of-Concept for a file upload functionality. As you might know it is not necessarily as easy as simple form CSRFs. Continue reading

© 2017 Æther Security Lab

Theme by Anders NorenUp ↑