FOSS.IN - Attack Pad - WebNoxious - Attacking Open End Web
Entering into the Land of Developer Fallacies
1. Advanced Cross Site Request Forging (CSRF) - The Safari Way
2. Rediffmail - PDF HTTP Form Repurposing Attacks , Stealing Cookies through Undisposed Content
3. Yahoo ZIMBRA Cookie Stealing through PDF HTTP Form Repurposing Attacks.
4. Inline IFRAME Injections - YAHOO Babelfish Translation Services. Try on GMAIL yourself
5. Attacking Enterprise Applications - Through OpenOffice Word and MSWord formats - Stealing Cookies and Web Attacks.
Real Time Demonstrations
1. Advanced Level HTTP X Protection Parameters Applied Defense - Scrutinizing Domains
2. Level 1 Prototype - Flash Login Attacks - Developers Mistake that lead to Hell
(C) SecNiche Security