[Owasp-codereview] Cross Site Request Forgery and how to find it in the wild with 02

Matt Parsons mparsons1980 at gmail.com
Thu Dec 2 15:11:09 EST 2010


I have been reading on a lot of the security blogs on how people are
exploiting Crossdomain.xml with Cross Site Request Forgery,  I don't blog
about how to exploit it but rather how to find it automatically with 02.
Feel free to e-mail me with questions or comments.

http://parsonsisconsulting.wordpress.com/2010/12/02/how-to-find-crossdomain-xml-cross-site-request-forgery-with-02/

Thanks,
Matt


-- 

Matt Parsons, MSM, CISSP
315-559-3588 Blackberry
817-294-3789 Home office
"Do Good and Fear No Man"
Fort Worth, Texas
A.K.A The Keyboard Cowboy
mailto:mparsons1980 at gmail.com <mparsons1980 at gmail.com>
http://www.parsonsisconsulting.com
http://www.parsonsisconsultingblog.com
<http://www.o2-ounceopen.com/o2-power-users/>
http://www.linkedin.com/in/parsonsconsulting
http://www.vimeo.com/8939668
http://twitter.com/parsonsmatt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-codereview/attachments/20101202/05497e9f/attachment.html 


More information about the Owasp-codereview mailing list