Blogs about: Insecure Code

Featured Blog

Enigma? (2 comments)

dblackshell wrote 1 week ago: Now this may be interesting… Should you write your own code? … or… Download alread … more »

Tags: Random Category, AJAX, Blog, CMS, forum, Guestbook, javascript, LFI, Online Shop!

WebGoat - cause everyone else is doing it!

dblackshell wrote 1 week ago: The unzip and run insecure J2EE web application… at least under windows… WebGoat is a d … more »

Tags: Toolbox, bypass, http splitting, insecure, J2EE, OWASP, SQL Injection, web application, webgoat

Different approach on including files in PHP (2 comments)

dblackshell wrote 2 weeks ago: A couple of days/weeks ago (don’t quite remember well) I came across Savride’s blog, whe … more »

Tags: include, include_once, LFI, local/remote file inclusion, require, require_once, RFI

Regenerative Tokens (4 comments)

dblackshell wrote 1 month ago: As maybe you already read the article new fashion, new ways (or not) article which presented a coupl … more »

Tags: Anti, CSRF, javascript, JSON, php, protection

Got new bait?

dblackshell wrote 2 months ago: Maybe this is something already used (no wondering about it), but it’s worth mentioning… … more »

Tags: research - custom, dns, Hosts File, Phishing, Privacy, Spoof

less spam on blogs (4 comments)

dblackshell wrote 3 months ago: And no it’s not a better solution than Akismet, but will do against spam bots… This is f … more »

Tags: HOW TO?, AntiSpam, Spam, blogs, form, antispam code

new fashion, new ways (or not) (1 comment)

dblackshell wrote 5 months ago: Some time ago when I posted I Love CSRF (XSRF) fazed invited me to do a presentation on CSRF attack … more »

Tags: research - custom, Anti, check, CSRF, protection, referer

Source code audit - PHP (5 comments)

dblackshell wrote 8 months ago: What source code audit is? It’s a primary technique by which someone can find vulnerabilities … more »

Tags: HOW TO?, research - custom, $http_get_vars, $http_post_vars, $_cookie, $_GET, $_POST, $_request, $_server

I love CSRF (XSRF) (2 comments)

dblackshell wrote 9 months ago: I really do love CSRF?…. and it all started back when I was reading a topic on w4ck1ng forum, … more »

Tags: CSRF, Exploit, poll winning, XSS

XSS MuWeb (3 comments)

dblackshell wrote 10 months ago: Very often when got nothing to do, I put my thoughts on how to better secure a website/server (it de … more »

Tags: research - custom, Cookie, MMORPG, MU, muweb, Online, stealing, XSS

rudimentary anti-x(ross)s(ite)s(cripting) (1 comment)

dblackshell wrote 11 months ago: Why the following piece of code I will present is because not many people sanitize properly user inp … more »

Tags: research - custom, Anti, Security, XSS

quote: Javascript is evil

dblackshell wrote 11 months ago: And who I quote? Our little Javascript “Devil” friend SirDarckCat who is pulling it off … more »

Tags: HOW TO?, harmfull, javascript

secure PHP login script (20 comments)

dblackshell wrote 11 months ago: This is the finalization of the insane idea I had when publishing the login (security through obscu … more »

Tags: injection, login, md5, mysql, php, Script, secure, SQL

httpOnly vs. XmlHttpRequest (2 comments)

dblackshell wrote 12 months ago: I remember well a couple of days ago when I have read on ha.ckers.org this subject and in the first … more »

Tags: Cookie, AJAX, httponly, XMLHttpRequest

