skip to main | skip to sidebar

the world. according to koto

on security, malware, cryptography, pentesting, javascript, php and whatnots

No posts. Show all posts

No posts. Show all posts

Subscribe to: Posts (Atom)

Share

About me

See also

@kkotowicz
Google Plus profile
LinkedIn profile
GitHub account
My Google code projects
My e-commerce portfolio (Polish)

Search

Loading...

Tags

3des access ajax analysis android bbcode cache captcha clickjack clickjacking clone closures cracow crockford cryptography csrf datepicker datetimeconvert demo denied deployment des desede dialog diff doctrine e4x ede email encryption escape eval events everonia facebook false firebug firefox flickr freetds ftp game google grep hack hardening hijack history html html5 http ie iframe include java javascript jquery json jsunpack key lint load log magic quotes malware mdb2 modal mssql multiuser mysql new pix niebezpiecznik obfuscation openssl option oracle overloading owasp padding parity pear phar php php5 pki plugin propel python readonly referrer refresh regex remote rest search security select server share sidejacking signing sql injection sqli svn symfony tab tabs talk tostring track training tree tripledes tumblr turing ui update upload utf7 video webdav websockets wget widget window xml xss youtube zend framework

Archive

▼ 2012 (1)
- ▼ January (1)
  - Cursorjacking again

► 2011 (25)
- ► December (1)
  - Beatthis! oracle crypto xmas challenge
- ► November (3)
- ► October (4)
- ► September (1)
  - Minus.com silent arbitrary file upload
- ► August (2)
  - Death to the filters - how to validate JSON correc...
  - How not to implement CAPTCHAs (MotionCAPTCHA rant)...
- ► July (2)
  - Imgur.com session hijacking
  - Cross domain content extraction with fake captcha
- ► June (1)
  - File path injection in PHP ≤ 5.3.6 file upload (C...
- ► May (2)
  - Invisible arbitrary CSRF file upload in Flickr.com...
  - Cross domain arbitrary file upload Redux
- ► April (2)
  - How to upload arbitrary file contents cross-domain...
  - Filejacking: How to make a file server from your b...
- ► March (5)
- ► January (2)
  - How to get SQL query contents from SQL injection f...
  - XSS-Track as a HTML5 WebSockets traffic sniffer

► 2010 (30)
- ► December (3)
- ► November (2)
  - XSS track got ninja stealth skills thanks to HTML5...
  - XSS-Track: How to quietly track a whole website th...
- ► October (6)
- ► September (4)
- ► August (2)
  - MakeMeLaughNow - analysis of new generation facebo...
  - Hardening PHP: How to securely include remote code...
- ► July (2)
  - Hardening PHP: How to securely include remote code...
  - Hardening PHP: How to securely include remote code...
- ► June (3)
- ► May (3)
  - Incoming lectures on malware and on SQL injection
  - Deobfuscating PHP scripts with evalhook
- ► April (3)
- ► March (2)

► 2009 (9)
- ► December (2)
- ► October (1)
- ► September (3)
- ► March (3)

Fresh from delicious.com/koto

Subscribe

Posts

Posts

All Comments

All Comments