[Owasp-switzerland] Hands-on Lab on XSRF and JSON hijacking

Cyrill Brunschwiler cbrunsch at gmail.com
Sun Apr 5 11:41:17 EDT 2009

Hi all,
        Hi all,

I'll be giving a talk/workshop/hands-on at the next OWASP
Switzerland chapter meeting on Tuesdays.

Developers are increasingly implementing Web 2.0 technologies
to provide rich client experience to users. Therefore, my
topics might be of Interest for you.

- Cross-site Request Forgery (a.k.a. XSRF)
- JSON hijacking

For those who are keen on hands-on. I'll provide the Compass
learning environment to those who are interested in practical
exploitation of the issues.

What attendees should bring...
- Laptop
- Patch cable, WLAN card
- Web Server locally installed (Apache, IIS...)
- Firefox 2.x
- E-Mail, Nickname and Password of your www.hacking-lab.com

What the talk is not about...
- JavaScript Object Notation Standard (JSON Standard)

Do I need to register at hacking-lab.com?
- Yes, in case you'd like to solve hands-on lab because
  exercises will be available online only.

Do we have Internet access during the session?
- Yes, I will provide access to hacking-lab.com.

Please remember, I will need you to send me your nickname in


More information about the Owasp-Switzerland mailing list