Date Author Title

CROSS SITE REQUEST FORGERY

2014-08-09Adrien de BeaupreComplete application ownage via Multi-POST XSRF

CROSS

2022-03-07/a>Johannes UllrichNo Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam
2022-03-04/a>Johannes UllrichScam E-Mail Impersonating Red Cross
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2013-02-11/a>John BambenekIs This Chinese Registrar Really Trying to XSS Me?
2013-02-04/a>Russ McReeAn expose of a recent SANS GIAC XSS vulnerability
2013-01-25/a>Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2011-08-24/a>Rob VandenBrinkCitrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2009-07-17/a>John BambenekCross-Platform, Cross-Browser DoS Vulnerability

SITE

2023-12-11/a>Rob VandenBrinkWhat is sitemap.xml, and Why a Pentester Should Care
2021-08-04/a>Yee Ching TokPivoting and Hunting for Shenanigans from a Reported Phishing Domain
2021-06-24/a>Xavier MertensDo you Like Cookies? Some are for sale!
2018-11-17/a>Xavier MertensQuickly Investigating Websites with Lookyloo
2017-07-19/a>Xavier MertensBots Searching for Keys & Config Files
2017-04-07/a>Xavier MertensTracking Website Defacers with HTTP Referers
2017-01-14/a>Xavier MertensBackup Files Are Good but Can Be Evil
2016-01-29/a>Xavier MertensScripting Web Categorization
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2014-06-11/a>Daniel WesemannGimme your keys!
2013-02-22/a>Johannes UllrichWhen web sites go bad: bible . org compromise
2013-02-11/a>John BambenekIs This Chinese Registrar Really Trying to XSS Me?
2013-02-04/a>Russ McReeAn expose of a recent SANS GIAC XSS vulnerability
2013-01-25/a>Johannes UllrichVulnerability Scans via Search Engines (Request for Logs)
2011-08-24/a>Rob VandenBrinkCitrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2010-08-13/a>Tom ListonThe Strange Case of Doctor Jekyll and Mr. ED
2010-04-26/a>Raul SilesVulnerable Sites Database
2009-08-18/a>Deborah HaleDomain tcpdump.org unavailable
2009-08-18/a>Deborah HaleWebsite compromises - what's happening?
2009-05-27/a>donald smithHost file black lists
2009-05-05/a>Bojan ZdrnjaEvery dot matters
2008-08-02/a>Maarten Van HorenbeeckIssues affecting sites using Sitemeter [resolved]
2008-06-07/a>Jim ClausingFollowup to 'How do you monitor your website?'
2008-04-24/a>donald smithHundreds of thousands of SQL injections

REQUEST

2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF

FORGERY

2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF