måndag 17 januari 2011

Topp 10 Web Hacking Techniques 2010

Jeremiah Grossman publicerade nyss Top 10 Web Hacking Techniques 2010 – den årliga listan som röstas fram av communityn och sponsras av bland annat OWASP.
  1. 'Padding Oracle' Crypto Attack (poet, Padbuster, demo, ASP.NET), Juliano Rizzo, Thai Duong
  2. EvercookieSamy Kamkar
  3. Hacking Auto-Complete (Safari v1, Safari v2 TabHack, Firefox, Internet Explorer), Jeremiah Grossman
  4. Attacking HTTPS with Cache Injection (Bad Memories), Elie Bursztein, Baptiste Gourdin, Dan Boneh
  5. Bypassing CSRF protections with ClickJacking and HTTP Parameter PollutionLavakumar Kuppan, Manish Saindane
  6. Universal XSS in IE8 (CVE, White Paper), Eduardo Vela (sirdarckcat), David Lindsay (thornmaker)
  7. HTTP POST DoS ,Wong Onn Chee, Tom Brennan
  8. JavaSnoopArshan Dabirsiaghi
  9. CSS History Hack In Firefox Without JavaScript for Intranet PortscanningRobert "RSnake" Hansen
  10. Java Applet DNS RebindingStefano Di Paola

Inga kommentarer: