The HP Security laboratory
Browse by Tags
All Tags
»
JavaScript
Ajax
Ajax Security Book
AJAXWorld
conferences
Firefox
information disclosure
Mozilla Rhino
XSS
Ajax Security Book is published with strong buzz and reviews
20 December 07 01:29 PM
|
Billy
|
2 Comments
Our Ajax Security book from Addison Wesley has been published! By now I'm sure everyone is tried of me talking about the book and its merits, so let's see what some of experts in the web security space are saying about it: Andrew van der Stock
Read More...
JavaScript strings immutable in Rhino???
28 November 07 06:19 AM
|
Billy
|
1 Comments
Update: Hmmm. I think I'm looking at the wrong thing. This needs more testing/tracing to see exactly whats going on. Just a quick update from yesterday's post . It appears that Mozilla Rhino (a JavaScript interpreter written in Java) uses Java's
Read More...
[snarfs coffee]... wait, What are you doing?
27 November 07 08:13 AM
|
Billy
|
6 Comments
While reading through an article about Firefox 3 on Security Focus today I snarfed my drink when I read the following passage: The group also rewrote the Password Manager in JavaScript from C++ to eliminate memory errors, Schroepfer said. Digging a little
Read More...
Praise for Ajax Security Book
31 October 07 10:43 AM
|
Billy
|
2 Comments
Bryan and I got to see the cover of our book Ajax Security before it went to the printers today. It included what is known in the industry as a praise quote , where someone who is famous in a certain space reads the manuscript and provides a quote for
Read More...
Ajax Security Acceptance
30 August 07 12:45 PM
|
Billy
|
3 Comments
Its time again for AjaxWorld , the largest Ajax conference in the US. Bryan and I are thrilled. AjaxWorld offered us back -to- back sessions so we can do a 90+ minute workshop on how to break into Ajax applications. We will not only hit the major themes
Read More...
Speaking at Shmoo
22 March 07 05:05 PM
|
Billy
|
5 Comments
I’m really excited to be speaking at Shmoocon again and especially excited about my presentation this Saturday at 1pm. Javascript Malware for a Gray Goo Tomorrow focuses on the increased scope of damage caused by Cross-Site Scripting (XSS) vulnerabilities
Read More...
Search
Go
This Blog
Home
Email
Tags
Ajax
Ajax Security Book
AJAXWorld
ASP.NET
book
Bookmark
conferences
Firefox
hacked
IE
information disclosure
input validation
iPhone
JavaScript
Jikto
JSON
malware
Mozilla Rhino
Password Security
phishing
Privacy
product comparison
Safari
security
Shmoocon
testing methodology
webcast
worm
XSS
XSS Ajax
Navigation
Home
Blogs
Forums
Photos
Downloads
Archives
January 2008 (1)
December 2007 (2)
November 2007 (5)
October 2007 (1)
August 2007 (2)
July 2007 (2)
April 2007 (1)
March 2007 (1)
January 2007 (2)
December 2006 (1)
November 2006 (1)
October 2006 (2)
July 2006 (4)
June 2006 (5)
May 2006 (1)
April 2006 (2)
Syndication
RSS 2.0
Atom 1.0