Application Security This Week for November 4

A new-to-me file upload vulnerability scanner got an update recently - worth a look.

https://github.com/almandin/fuxploider

 

Not a very USEFUL vulnerability, but someone figured out how to bypass Chrome's security model for cookies.

https://mango.pdf.zone/stealing-chrome-cookies-without-a-password

 

Telerik (a developer tools company) has a good post on XSS and Content Security Policy.

https://www.telerik.com/blogs/on-cross-site-scripting-and-content-security-policy

 

And that's the news!


Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 
