The HP Security laboratory
Browse by Tags
All Tags
»
Ajax
Ajax Security Book
AJAXWorld
book
conferences
JavaScript
JSON
security
webcast
XSS
Ajax Security Book is published with strong buzz and reviews
20 December 07 01:29 PM
|
Billy
|
2 Comments
Our Ajax Security book from Addison Wesley has been published! By now I'm sure everyone is tried of me talking about the book and its merits, so let's see what some of experts in the web security space are saying about it: Andrew van der Stock
Read More...
Ajax Security more than Increased Attack Surface
07 November 07 12:29 PM
|
Billy
|
3 Comments
I got an email from Christ1an the other day asking me what Ajax Security was all about. I was just going to send him the table of contents to the book, but I thought it might be educational to see how the components of Ajax security relate, and where
Read More...
Ajax Security Acceptance
30 August 07 12:45 PM
|
Billy
|
3 Comments
Its time again for AjaxWorld , the largest Ajax conference in the US. Bryan and I are thrilled. AjaxWorld offered us back -to- back sessions so we can do a 90+ minute workshop on how to break into Ajax applications. We will not only hit the major themes
Read More...
The real reason for (JavaScript|JSON) Hijacking
27 August 07 01:59 PM
|
Billy
|
1 Comments
When JSON hijacking was first discussed and demonstrated in 2006 and 2007 by Whitehat, Fortify and others, all of the proof of concepts used Mozilla specific JavaScript extensions like setter or __defineSetter__ . This led many people to believe that
Read More...
Speaking at Shmoo
22 March 07 05:05 PM
|
Billy
|
5 Comments
I’m really excited to be speaking at Shmoocon again and especially excited about my presentation this Saturday at 1pm. Javascript Malware for a Gray Goo Tomorrow focuses on the increased scope of damage caused by Cross-Site Scripting (XSS) vulnerabilities
Read More...
Ajax Webcast Questions
13 October 06 01:30 PM
|
Billy
|
3 Comments
Please post any questions/comments/discussions you have with our Ajax (in)security webcast here and I'll do my best to answer them here. For those who haven't seen the WebCast yet, you can get there by going here: https://download.spidynamics.com/registration/AJAX_webcast.as
Read More...
Search
Go
This Blog
Home
Email
Tags
Ajax
Ajax Security Book
AJAXWorld
ASP.NET
book
Bookmark
conferences
Firefox
hacked
IE
information disclosure
input validation
iPhone
JavaScript
Jikto
JSON
malware
Mozilla Rhino
Password Security
phishing
Privacy
product comparison
Safari
security
Shmoocon
testing methodology
webcast
worm
XSS
XSS Ajax
Navigation
Home
Blogs
Forums
Photos
Downloads
Archives
January 2008 (1)
December 2007 (2)
November 2007 (5)
October 2007 (1)
August 2007 (2)
July 2007 (2)
April 2007 (1)
March 2007 (1)
January 2007 (2)
December 2006 (1)
November 2006 (1)
October 2006 (2)
July 2006 (4)
June 2006 (5)
May 2006 (1)
April 2006 (2)
Syndication
RSS 2.0
Atom 1.0