:::
Subject: Re:Posting Data to External Web Application - by: cshekhar
When we do the assignments for out going message variables in the same task where we’ve send a call to web-service or in other words the task where we invoke the wsdl. 2.When we connect the top-level element of an incoming schema to the
:::
[XSS Info] Re: very weird xss syntax? help?
That's a really nice JavaScript reference document. I bookmarked it too
:::
[OMG Ponies] Re: tra.ckers.org
That's not a bad idea. And btw, if you hadn't noticed the log of people we ban has been increasing very rapidly as we find more and more machines that have been hacked into who are being used to propagate botnets.
:::
[SQL and Code Injection] Re: Select * From * Where * = *
but you can play around with this one: http://www.triads.co.uk/search.html? query=a&manufacturers%5B%5D=-1asdf&min_price=0&max_price=50&day=24&month=9&year= 2006&to_day=24&to_month=11&to_year=2006&Submit.x=26&Submit.y=4&Submit=SEARCH
:::
[SQL and Code Injection] Re: Select * From * Where * = *
he was right to be stubborn that's not SQL injection. he seems to use a test for just if the query parameter contains the substring 'tops' anywhere (case insensitive) So this works:
:::
[Projects] Re: Tor detection project
that's not so much a tor check as it is a dynamic IP check. a LOT of people have dynamic IPs including everyone on dialup still. so expect more false positives than real positives using it as one piece of a heuristic is possible
:::
[SQL and Code Injection] Select * From * Where * = *
I was browsing for some clothes online - And I came accross this company (Triads) [url=http://www.triads.co.uk/]Triads.co.uk[/url] When I went to search for jeans I noticed the url ext became:
:::
[SQL and Code Injection] Re: SQL Injection
I tried '\'', and \'. But it didn't work as you said it did, I did use addslahes here, not enables magic_qoutes
:::
[Bugs] Re: Auto Logout
Haha always a good laugh upon here. Yes the POST issue, i can also post from my desktop :) so maluc is right it's silly to assume that it is safer then GET. some scripts check on this, but this is easy to omit by just passing the
:::
[XSS Info] Re: very weird xss syntax? help?
Maybe not on topic, but i came accros a verrry nice reference/script example site for all popular program languages: JS version: http://www.java2s.com/Code/JavaScriptReference/CatalogJavaScriptReference.htm Never saw such site which is

:::
Kelyan - Web Application
Web Application. Applicazioni centrate sul paradigma del browser/server o, con una definizione più operativa, applicazioni per trasformare un processo
:::
Web Applications 1.0
The main area that has not been adequately addressed by HTML is a vague subject referred to as Web Applications. This specification attempts to rectify this
:::
The Open Web Application Security Project
How to build, design and test the security of web applications and web services.
:::
adaptive path » ajax: a new approach to web applications
Seminal article which popularized "AJAX" as a term.
:::
NoTrace - Cross Site Scripting - Web Application Attack Attacco XSS
L'attacco Cross Site Scripting permette ad un aggressore di inserire codice arbitrario come input ad un sito web, così da modificarne il comportamento.

Web Applications 1.0
The main area that has not been adequately addressed by HTML is a vague subject referred to as Web Applications. This specification attempts to rectify this
The Open Web Application Security Project
How to build, design and test the security of web applications and web services.
adaptive path » ajax: a new approach to web applications
Seminal article which popularized "AJAX" as a term.
NoTrace - Cross Site Scripting - Web Application Attack Attacco XSS
L'attacco Cross Site Scripting permette ad un aggressore di inserire codice arbitrario come input ad un sito web, così da modificarne il comportamento.
:::
NoTrace - Cookie Attack - Web Application Attack attacco Cookie
Difendere i siti evitando attacchi alle applicazioni web, come la manipolazione dei cookie, descrizione dell'attacco Cookie Manipulation.
:::
Web application: content management system, e-commerce
Realizzazione siti web vetrina ed e-commerce, campagne di web marketing, posizionamento nei motori di ricerca, pubblicità internet.
:::
Exploit - SWAAT - Web Application Analysis Tool
SWAAT - Web Application Analysis Tool. Scritto alle 11:56 in Exploit, delle applicazioni web; utile per gli sviluppatori e per i security tester.
:::
Welcome
An open source framework for building Servlet/JSP based web applications based on the Model-View-Controller (MVC) design paradigm [Open Source, BSD-like]