Cross-site request forgery Archives

DNS Rebinding: A Frightening Attack Vector with Spooky Security Impacts

Craig Young | October 31, 2019 | Cross-site request forgery, DNS rebinding, Internet of things, iot

One of the greatest misconceptions about online safety is that home networks are somehow private. Unfortunately, this hasn’t been true since around the turn of the century when we started filling our ...

The State of Security

The Importance of the Content-Type Header in HTTP Requests

Ziyahan Albeniz | December 24, 2018 | Cross-site request forgery, CSRF, headers, http, rce

Dawid Czagan, Founder and CEO at Silesia Security Labs and author of Bug Hunting Millionaire, is listed in HackerOne’s Top 10 Hackers. In a recent article on his website, Czagan disclosed the ...

Netsparker, Web Application Security Scanner

Three C-Words of Web App Security: Part 2 – CSRF

Mic Whitehorn-Gillam | October 24, 2018 | API security, Application Security, Best Practices, Cross-site request forgery, CSRF, developers, Penetration Testing, programming, web app security, web penetration testing

This is the second in a three-part series, Three C-Words of Web Application Security. I wrote a sort of prologue back in April, called A Brief Evolution of Web Apps, just to ...

Professionally Evil Insights