Hacking News


Hackers' web techniques (724)

Web applications (8)

Which techniques are used against web applications.

Web browsers (2)

Which techniques target web browsers.

Websites (9)

Which techniques are used against websites.

Web security ()

Which techniques are used against web security.

1. (DOMinator) Finding DOMXSS with dynamic taint propagation
2. (Non-Persistent) Untraceable XSS Attacks
3. .Net Cross Site Scripting – Request Validation Bypassing
4. “ASPXErrorPath in URL” Technique in Scanning a .Net Web Application
5. 0DAY: QuickTime pwns Firefox
6. 10. Using Cookies For Selective DoS and State Detection
7. 16. Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
8. 18. Popup & Focus URL Hijacking
9. 24. The curse of inverse strokejacking
10. 26. Fooling B64_Encode(Payload) on WAFs and filters
11. 2CAPTCHA Hax With TesserCap
12. 36. Web pages Detecting Virtualized Browsers and other tricks
13. 41. Breaking into a WPA network with a webpage
14. 45. Stroke triggered XSS and StrokeJacking
15. 62. Poisoning proxy caches using Java/Flash/Web Sockets
16. 63. How to Conceal XSS Injection in HTML5
17. 64. Expanding the Attack Surface
18. 65. Chronofeit Phishing
19. 66. Non-Obvious (Crypto) Bugs by Example
20. 67. SQLi filter evasion cheat sheet (MySQL)
21. 8. XSHM Mark 2
22. A brief description of how to become a CA
23. A different Opera
24. A Different Opera
25. A more plausible E4X attack
26. A story that diggs itself
27. A Twitter DomXss, a wrong fix and something more
28. Aaron Patterson – Serialized YAML Remote Code Execution
29. ABC News (AU) XSS linking the reporter to Al Qaeda
30. About CSS Attacks
31. About CSS Attacks
32. Abusing CDNs with SSRF Flash and DNS
33. Abusing Flash-Proxies for client-side cross-domain HTTP requests
34. Abusing HTML 5 Structured Client-side Storage
35. Abusing HTTP Status Codes to Expose Private Information
36. Abusing PHP Sockets
37. Abusing PHP Sockets (1, 2)
38. Abusing XSLT for Practical Attacks
39. Abusing XSLT for Practical Attacks
40. Account Hijackings Force LiveJournal Changes
41. Active Man in the Middle Attacks
42. Active Man in the Middle Attacks
43. ActiveX Repurposing
44. ActiveX Repurposing, (1, 2)
45. Additional Image Bypass on Windows
46. Adultspace XSS Worm
47. Advanced Exploitation of Mozilla Firefox Use-After-Free Vulnerability (Pwn2Own 2014) CVE-2014-1512
48. Advanced SQL injection to operating system full control
49. Advanced SQL injection to operating system full control (whitepaper)
50. Advanced Web Attack Techniques using GMail
51. Advanced Web Attack Techniques using GMail
52. AIR Flash RCE from PWN2OWN
53. All Your Google Docs are Belong To US…
54. Angelo Prado, Neal Harris, Yoel Gluck – BREACH
55. Anonymizing RFI Attacks Through Google
56. Anti-DNS Pinning ( DNS Rebinding )
57. Anti-DNS Pinning ( DNS Rebinding ) : Online Demonstration
58. Anti-DNS Pinning ( DNS Rebinding ) + Socket in FLASH
59. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
60. Apache Struts ClassLoader Manipulation Remote Code Execution
61. Apache Struts ClassLoader Manipulation Remote Code Execution and Blog Post
62. Apple's Safari 4 also fixes cross-domain XML theft
63. Apple's Safari 4 fixes local file theft attack
64. Arbitrary TCP over uploaded pages
65. Ashar Javad Attack against Facebook’s password reset process.
66. ASP.NET 'Padding Oracle' Crypto Attack
67. AT&T Hack Highlights Web Site Vulnerabilities
68. Attack - PDF Silent HTTP Form Repurposing Attacks
69. Attack Surface for Project Spartan’s EdgeHTML Rendering Engine
70. Attacking CAPTCHAs for Fun and Profit
71. Attacking HTTPS with Cache Injection
72. Attacking OData: HTTP Verb Tunneling, Navigation Properties for Additional Data Access, System Query Options ($select)
73. Auto-Complete Hack by Hiding Filled in Input Fields with CSS
75. Java DSN Rebinding + Java Same IP Policy = The Internet Mayhem
76. Backdooring MP3 Files
77. Backdooring PDF Files
78. Backdooring QuickTime Movies
80. Belkin Buffer Overflow via Web
81. BK for Mayor of Oak Tree View
82. Blended Threats and JavaScript
83. Blind SQL Injection: Inference through Underflow exception
84. Blind SQL Injection: Inference through Underflow exception
85. Blind web server fingerprinting
86. Bonus Safari XXE (only affecting Safari 4 Beta)
87. Breaking Google Gears' Cross-Origin Communication Model
88. Breaking HTTPS with BGP Hijacking
89. Breaking into a WPA network with a webpage
90. Browser Event Hijacking
91. Browser Port Scanning without JavaScript
92. Browser scheme/slash quirks
93. Browsers Anti-XSS methods in ASP (classic) have been defeated!
94. Browser's Ghost Busters
95. Bruteforce of PHPSESSID
96. Bruteforcing HTTP Auth in Firefox with JavaScript
97. Bruteforcing/Abusing search functions with no-rate checks to collect data
98. Bugs in the Browser: Firefox’s DATA URL Scheme Vulnerability
99. Building Subversive File Sharing With Client Side Applications
100. Bursting Performances in Blind SQL Injection - Take 2 (Bandwidth)
101. Bypass port blocking in Firefox, Opera and Konqueror.
102. Bypass Surgery
103. Bypassing CAPTCHAs by Impersonating CAPTCHA Providers (1, 2)
104. Bypassing CSP for fun, no profit
105. Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
106. Bypassing Filters With Encoding
107. Bypassing Flash’s local-with-filesystem Sandbox
108. Bypassing Flash’s local-with-filesystem Sandbox
109. Bypassing HTTP Basic Authentication in PHP Applications (** potential rediscovery of: HTExploit – Bypassing .htaccess restrictions **)
110. Bypassing Chrome’s Anti-XSS filter
111. Bypassing Mozilla Port Blocking
112. Bypassing NoCAPTCHA
113. Bypassing of web filters by using ASCII
114. Bypassing OWASP ESAPI XSS Protection inside Javascript
115. Bypassing URL Authentication and Authorization with HTTP Verb Tampering
116. Canadian Beacon
117. CAPTCHA Hax With TesserCap
118. CAPTCHA Re-Riding Attack
119. Carlos Munoz – Bypassing Internet Explorer’s Anti-XSS Filter
120. Circumventing DNS Pinning for XSS
121. Click here to vote for your favorite web hacks of the year!
122. Clickjacking & OAuth
123. Clickjacking / Videojacking
124. Clickjacking Rootkits for Android (2)
125. Client-side SQL Injection Attacks
126. Close encounters of the third kind (client-side JavaScript vulnerabilities)
127. Close encounters of the third kind (client-side JavaScript vulnerabilities)
129. Code Execution Through Filenames in Uploads
130. Code Execution via XSS
131. Code Execution via XSS (1)
132. Cody Collier – Exposing Verizon Wireless SMS History
133. Collecting Lots of Free 'Micro-Deposits'
134. Common localhost dns misconfiguration can lead to "same site" scripting
135. Compromising an unreachable Solr Serve
136. Content Smuggling
137. Content-Disposition Hacking
138. Converting unimplementable Cookie-based XSS to a persistent attack
139. Cookie Eviction
140. Cookie Path Traversal
142. Covert Redirect Vulnerability Related to OAuth 2.0 and OpenID
143. Covert Timing Channels based on HTTP Cache Headers
144. Cracking hashes in the JavaScript cloud with Ravan
145. Cracking Ruby on Rails Sessions
146. Creating a rogue CA certificate
148. Cross Context Scripting from within the Browser
149. Cross Domain Basic Auth Phishing Tactics
150. Cross domain content extraction with fake captcha
151. Cross Domain Leakage With Image Size
152. Cross Environment Hopping
153. Cross Site URL Hijacking by using Error Object in Mozilla Firefox
154. Cross-Browser Proxy Unmasking
155. Cross-domain leaks of site logins via Authenticated CSS
156. Cross-domain search timing
157. Cross-protocol XSS with non-standard service ports
158. Cross-protocol XSS with non-standard service ports
159. Cross-site File Upload Attacks
160. Cross-Site Identification (XSid)
161. Cross-Site Port Attacks
162. Cross-Site Printing (Printer Spamming)
163. Cross-subdomain Cookie Attacks
164. Crowd-sourcing mischief on Google Maps leads customers astray
165. Cryptophp Backdoor
166. CSRF And Ignoring Basic/Digest Auth
167. CSRF on Novell GroupWise WebAccess
168. CSRF token disclosure via iFRAME and CAPTCHA trickery
169. CSRF with JSON – leveraging XHR and CORS
170. CSRF with MS Word
171. CSRF: Flash + 307 redirect = Game Over
172. CSRFing the uTorrent plugin
173. CSS :visited may be a bit overrated
174. CSS History Hack In Firefox Without JavaScript for Intranet Portscanning
175. CSS history hacking with evil marketing
176. CSS History Stealing Acts As Cookie
177. CSS-Only Clickjacking
178. CTA: The weaknesses in client side xss filtering targeting Chrome’s XSS Auditor
179. CUPS Detection
180. Cursorjacking again
181. De-cloaking in IE7.0 Via Windows Variables
182. Delta Boarding Pass Spoofing
183. Detecting browsers javascript hacks
184. Detecting Default Browser in IE
185. Detecting FireFox Extensions
186. Detecting IE in 12 bytes
187. Detecting Private Browsing Mode
188. Detecting Privoxy Users and Circumventing It
189. Detecting States of Authentication With Protected Images
190. Detecting users via Authenticated Redirects
191. DHCP Script Injection
192. Dialog Spoofing - Firefox Basic Authentication
193. Diminutive Worm, 161 byte Web Worm
194. DNS poisoning via Port Exhaustion
195. DNS Rebinding for Credential Brute Force
196. DNS Rebinding for Scraping and Spamming
197. DNS Rebinding for Scraping and Spamming
198. DNS Rebinding on Java Applets
199. Dom Flow
200. DOMinator – Finding DOMXSS with dynamic taint propagation
201. DoS attacks via Abuse of Functionality vulnerabilities
202. Double eval() for DOM based XSS
203. Double eval() for DOM based XSS
204. Drag and Drop XSS in Firefox by HTML5 (Cross Domain in frames)
205. Drag and Drop XSS in Firefox by HTML5 (Cross Domain in frames)
206. Drupal 7 Core SQLi
208. Effects of DNS Rebinding On IE’s Trust Zones
209. Embedding SVG That Contains XSS Using Base64 Encoding in Firefox
210. Encoding Filter Bypass
211. Encoding Filter Bypass (UTF-7, Variable Width, US-ASCII)
212. Enumerate Windows Users In JS
213. Enumerating logins via Abuse of Functionality vulnerabilities
214. Enumerating Through User Accounts
215. Eradicating DNS Rebinding with the Extended Same-Origin Policy
216. Evading All Web Application filters
217. Evading All* WAF XSS Filters
219. Exaggerating Timing Attack Results Via GET Flooding
220. Excel formula injection in Google Docs
221. Expanding the Attack Surface
222. Expanding the Attack Surface
223. Expanding the control over the operating system from the database
224. Expansions on FREAK attack
225. Expect Header Injection Via Flash
226. Exploitation of “Self-Only” Cross-Site Scripting in Google Code
227. Exploiting CSRF Protected XSS
228. Exploiting Facebook Application XSS Holes to Make API Requests
229. Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
230. Exploiting Logged Out XSS Vulnerabilities
231. Exploiting Second Life
232. Exploiting the unexploitable XSS with clickjacking
233. Exploiting the unexploitable XSS with clickjacking
234. Exploiting Unexploitable XSS
235. Exploiting XSS in Ajax Web Applications
236. Exploiting XSS vulnerabilities on cookies
237. Exploiting XXE in File Parsing Functionality
238. Exploiting XXE in File Upload Functionality
239. Exponential XSS
240. Exponential XSS Attacks
241. Expression Language Injection
242. Expression Language Injection
243. F5 and Acunetix XSS disclosure
244. Facebook hosted DDOS with notes app
245. Facebook: Memorializing a User
246. Facebook: Memorializing a User
247. Father/Daughter Team Finds Valuable Facebook Bug
248. Favorites Gone Wild
249. File Download Injection
250. File Name Enumeration in Rails
251. File System API with HTML5 – Juice for XSS
253. Filejacking: How to make a file server from your browser (with HTML5 of course)
254. Finding Weak Rails Security Tokens
255. Fireeye – Arbitrary reading and writing of the JVM process
256. Firefox 2 and WebKit nightly cross-domain image theft
257. Firefox cross-domain information theft (simple text strings, some CSV)
258. Firefox File Handling Woes
259. Firefox Header Redirection JavaScript Execution
260. Firefox Popup Blocker Allows Reading Arbitrary Local Files
261. Firefox XML injection into parse of remote XML
262. Firefox’s JAR: Protocol issues
263. Firefoxurl URI Handler Flaw
264. Flash Camera and Mic Remember Function and XSS
265. Flash clipboard Hijack
266. Flash Cookie Object Tracking
267. Flash Internet Explorer security model bug
268. Flash Origin Policy Issues
269. Flash Parameter Injection
271. Flickr's API Signature Forgery Vulnerability (MD5 extension attack)
272. Fooling B64_Encode(Payload) on WAFs and filters
273. Forget sidejacking, clickjacking, and carjacking: enter “Formjacking”
274. Forging HTTP request headers with Flash
275. Forging HTTP request headers with Flash
276. Formaction Scriptless attack updates
277. Frame Injection Fun
278. FREAK (Factoring attack on RSA-Export Keys)
279. Free MacWorld Platinum Pass? Yes in 2008!
280. Fun with data: URLs
281. Generic cross-browser cross-domain theft
282. Generic cross-browser cross-domain theft
283. Generic cross-browser cross-domain theft
284. Get Internal Network Information with Java Applets
285. Get Internal Network Information with Java Applets
287. Gmail - Google Docs Cookie Hijacking through PDF Repurposing &PDF
288. Google Adsense CSRF hole
289. Google Docs puts Google Users at Risk
290. Google Dorks Strike Again
291. Google Drive SSO Phishing
292. Google GMail E-mail Hijack Technique
293. Google Hacks On Your Behalf
294. Google Chrome HTTP AUTH Dialog Spoofing through Realm Manipulation
295. Google Chrome/ChromeOS sandbox side step via owning extensions
296. Google Chrome/ChromeOS sandbox side step via owning extensions
297. Google Indexes XSS
298. Google plugs phishing hole
299. Google Translate - Google User Content - File Uploading Cross - XSS and Design Stringency - A Talk
300. Google Two-Factor Authentication Bypass
301. Google Urchin password theft madness
302. Google User De-Anonymization
303. Google Vulnerable Code Dork
304. Governator Hack
305. Gravatar Email Enumeration in JavaScript
306. Hacker scans the internet
307. Hacking Auto-Complete (Safari v1, Safari v2 TabHack, Firefox, Internet Explorer)
308. Hacking CSRF Tokens using CSS History Hack
309. Hacking Facebook with HTML5
310. Hacking Facebook with HTML5
311. Hacking Intranets Through Web Interfaces
312. Hacking Intranets Via Brute Force
313. Hacking PayPal Accounts with 1 Click
314. Hacking RSS Feeds
315. Hacking without 0days: Drive-by Java
316. Hash Information Disclosure Via Collisions - The Hard Way
317. HashDOS: Effective Denial of Service attacks against web application platforms
319. Hellfire for redirectors
320. Hidden XSS Attacking the Desktop & Mobile Platforms
321. Hiding JS in Valid Images
322. Hijacking Opera’s Native Page using malicious RSS payloads
323. Hijacking Safari 4 Top Sites with Phish Bombs
324. HikaShop Object Injection
325. HostGator: cPanel Security Hole Exploited in Mass Hack
326. Hostile Subdomain Takeover using Heroku/Github/Desk + more
327. Hostile Subdomain Takeover using Heroku/Github/Desk
328. How Facebook lacked X-Frame-Options and what I did with it
329. How I hacked GitHub again
330. How I hacked Instagram to see your private photos
331. How I Hacked StackOverflow
332. How to Conceal XSS Injection in HTML5
333. How to Conceal XSS Injection in HTML5
334. How to defeat digg.com
335. How to get linked from Slashdot
336. How to get SQL query contents from SQL injection flaw
337. How to get SQL query contents from SQL injection flaw
338. How To Own Every User On A Social Networking Site
339. How to upload arbitrary file contents cross-domain
340. How to upload arbitrary file contents cross-domain (2)
341. How to use Google Analytics to DoS a client from some website.
342. HOW TO: Spy on the Webcams of Your Website Visitors
343. HScan Redux
344. HTML/CSS Injections - Primitive Malicious Code
345. HTML+TIME XSS attacks
346. HTML5 Hard Disk Filler™ API
347. HTML5 new XSS vectors
349. HTTP Parameter Pollution (HPP)
351. HTTP Proxies Bypass Firewalls
352. HTTP Response Splitting and Data: URI scheme in Firefox
353. Hunting ASynchronous Vulnerabilities
354. Hyperlink Spoofing and the Modern Web
355. Chrome addon hacking (2, 3, 4, 5)
356. Chrome and Safari users open to stealth HTML5 AppCache attack
357. Chronofeit Phishing
358. Chronofeit Phishing
359. I know what your friends did last summer
360. I know what your friends did last summer
361. I know what you've got (Firefox Extensions)
362. I know where you've been
363. I used to know what you watched, on YouTube (CSRF + Crossdomain.xml)
364. IE "Print Table of Links" Cross-Zone Scripting Vulnerability
365. IE 7 and Firefox Browsers Digest Authentication Request Splitting
366. IE Sends Local Addresses in Referer Header
367. IE11 RCE
368. IE6.0 Protocol Guessing
369. IE7.0 Detector
370. IE8 Link Spoofing - Broken Status Bar Integrity
371. IE9 Self-XSS Blackbox Protection bypass
372. Iframe HTTP Ping
373. IIS5.1 Directory Authentication Bypass by using ":$I30:$Index_Allocation"
374. IIS6/ASP & file upload for fun and profit
375. IIS6/ASP & file upload for fun and profit
377. Image Names Gone Bad
378. IMAP Vulnerable to XSS
379. Improving HTTPS Side Channel Attacks
380. Improving HTTPS Side Channel Attacks
381. Initiating Probes Against Servers Via Other Servers
382. Injecting the script tag into XML
383. Inline UTF-7 E4X javascript hijacking
384. Inline UTF-7 E4X javascript hijacking
385. Inter Protocol Exploitation
386. Internal Port Scanning via Crystal Reports
387. Internal Port Scanning via Crystal Reports
388. Internet Archiver Port Scanner
389. Internet Explorer 7 "mhtml:" Redirection Information Disclosure
390. iPhone SSL Warning and Safari Phishing
391. ISO-8859-1 Vulnerable in Firefox to Null Injection
392. itms Decloaking
393. James Bennett – Django DOS
394. Java Applet Same IP Host Access
395. Java Applet Same-Origin Policy Bypass via HTTP Redirect
396. Java Applet DNS Rebinding
397. Java Applets and DNS Rebinding
398. Java Deserialization w/ Apache Commons Collections in WebLogic, WebSphere, JBoss, Jenkins, and OpenNMS
399. Java DSN Rebinding + Java Same IP Policy = The Internet Mayhem
400. Java JAR Attacks and Features
401. JavaScript Code Flow Manipulation
402. JavaScript Global Namespace Pollution
403. JavaScript Port Scanning
404. JavaScript Portscanning and bypassing HTTP Auth
407. Join a Religion Via CSRF
408. JSON Hijacking with UTF-7
409. JSON-based XSS exploitation
410. Jumping out of Touch Screen Kiosks
411. Kindle Touch (5.0) Jailbreak/Root and SSH
412. Kindle Touch (5.0) Jailbreak/Root and SSH
413. Large Scale Detection of DOM based XSS
414. Launch any file path from web page
415. Linksys E420 Authentication Bypass Disclosure
416. Local DoS on CUPS to a remote exploit via specially-crafted webpage
417. Local DoS on CUPS to a remote exploit via specially-crafted webpage (1)
418. LocalRodeo Detection
419. Location based XSS attacks
420. Login Detection without JavaScript
422. Lost in Translation (ASP’s HomoXSSuality)
423. Lost in Translation (ASP’s HomoXSSuality)
424. Lotus Notes Formula Injection
425. Lucky 13 Attack
426. Magic Hashes
427. Malformed URL in Image Tag Fingerprints Internet Explorer
428. Mapping a web browser to GPS coordinates via router XSS + Google Location Services without prompting the user
429. Mapping a web browser to GPS coordinates via router XSS + Google Location Services without prompting the user
430. Mario Heiderich – Mutation XSS
431. MD5 extension attack
432. Metaverse breached: Second Life customer database hacked
433. Microsoft ASP.NET Request Validation Bypass Vulnerability
434. Microsoft ASP.NET Request Validation Bypass Vulnerability (POC)
435. Microsoft IIS 0-Day Vulnerability Parsing Files (semi‐colon bug)
436. Microsoft IIS with Metasploit evil.asp;.jpg
437. Microsoft SChannel Vulnerability
438. Million Browser Botnet Video Briefing
439. Millions of PDF invisibly embedded with your internal disk paths
440. Millions of PDF invisibly embedded with your internal disk paths
441. Misfortune Cookie – TR-069 ACS Vulnerabilities in residential gateway routers
442. MITM attack to overwrite addons in Firefox
443. MitM DNS Rebinding SSL/TLS Wildcards and XSS
444. More Port Scanning - This Time in Flash
445. More URI Stuff… (IE’s Resource URI)
446. MSIE Flash 0day targeting french aerospace
447. MSWord Scripting Object XSS Payload Execution Bug and Random CLSID Stringency
448. Multi-pass filters bypass
449. Multiple Facebook Messenger CSRF’s
450. Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java
451. Multiviews Apache, Accept Requests and free listing
452. MX Injection : Capturing and Exploiting Hidden Mail Servers
453. MySQL and SQL Column Truncation Vulnerabilities
454. MySQL Stacked Queries with SQL Injection...sort of
455. MySQL Stacked Queries with SQL Injection...sort of
456. NAT Pinning: Penetrating routers and firewalls from a web page
457. NAT Pinning: Penetrating routers and firewalls from a web page (forcing router to port forward)
458. Navigation Hijacking (Frame/Tab Injection Attacks)
459. Net Cross Site Scripting – Request Validation Bypassing (
460. Netflix.com XSRF vuln
461. Network Scanning with HTTP without JavaScript
462. New Evasions for Web Application Firewalls
463. New Methods in Automated XSS Detection: Dynamic XSS Testing Without Using Static Payloads
464. New PHPIDS vector
465. Next Generation Clickjacking
466. Nikon magazine hit with security breach
467. No Alnum JavaScript (cheat sheet, jjencode demo)
469. Noisy Decloaking Methods
470. Non-Alpha-Non-Digit 3
471. Non-Obvious (Crypto) Bugs by Example
472. NoScript Bypass - "Reflective XSS" through Union SQL Poisoning Trick
473. NoScript Bypass - "Reflective XSS" through Union SQL Poisoning Trick
474. NTLM Relay via HTTP to internet or stealing windows user hashes while using java client
475. NULLs in entities in Firefox
476. NULLs in entities in Firefox
477. One vector to rule them all
478. OpenSSL CVE-2014-0224
479. Opera XSS vectors
480. Opera XSS vectors
481. Optimizing the number of requests in blind SQL injection
482. Our Favorite XSS Filters and how to Attack them
483. overwriting cookies on other people’s domains in Firefox.
484. 'Padding Oracle' Crypto Attack
485. 'Padding Oracle' Crypto Attack (poet, Padbuster, demo, ASP.NET)
486. padding oracle web attack (poet, Padbuster, demo)
487. Paper on Hacking Intranets Using Websites (Not Web Browsers)
488. Parasitic computing using ‘Cloud Browsers’ (2)
489. Passing Malicious PHP Through getimagesize()
490. Password extraction from Ajax/DOM/HTML5 routine
491. Password mining from AWS/Parse Tokens
492. Pawn Storm (CVE-2015-7645)
494. Paypal Manager Account Hijack
495. PayPal Security Flaw allows Identity Theft
496. PDF XSS Can Compromise Your Machine
497. Penetrating Intranets through Adobe Flex Applications
498. Performing DDoS attacks with HTML5 Cross Origin Requests & WebWorkers
499. Permanent backdooring of HTML5 client-side application
500. Permanent backdooring of HTML5 client-side application [Apture example]
501. Persistent Cookies
502. Persistent Cookies and DNS Rebinding Redux
503. Persistent Cross Interface Attacks
504. Persistent SQL Injection
505. Phil Purviance – Don’t Use Linksys Routers
506. PHPIDS bypass
507. phpwn: Attack on PHP sessions and random numbers
508. phpwn: Attack on PHP sessions and random numbers
509. Ping pong obfuscation
510. Pixel Perfect Timing Attacks with HTML5
511. Poisoning proxy caches using Java/Flash/Web Sockets
512. Poking new holes with Flash Crossdomain Policy Files
514. Popup & Focus URL Hijacking
515. Popup & Focus URL Hijacking
516. Port Scan without JavaScript
517. Port Scanning with HTML5 and JS-Recon
518. Port Scanning with HTML5 and JS-Recon
519. Posting raw XML cross-domain
520. Practical Timing Attacks using Mathematical Amplification of Time Difference in == Operator
521. Pulling system32 out over blind SQL Injection
522. Pure Java™, Pure Evil™ Popups
523. Pwning Opera Unite with Inferno’s Eleven
524. Pwning Opera Unite with Inferno’s Eleven
525. Pwning via SSRF (memcached, php-fastcgi, e
526. PXSS on long length videos to DOS
527. Quick Proxy Detection
528. Quicky Firefox DoS
529. Quicky Firefox DoS
530. Racing to downgrade users to cookie-less authentication
531. Random Number Security in Python
532. Rapid history extraction through non-destructive cache timing (v8)
533. RCE through mangled WAR upload into Tomcat App Manager using PUT-in-Gopher-over-XXE (1)
534. Read Firefox Settings (PoC)
535. Recursive DNS Resolver (DOS)
536. Recursive File Include DoS
537. Recursive Request DoS
538. Redirector’s hell
539. Reflected File Download
540. Relative Path Overwrite
541. Remote File Upload Vulnerability in WordPress MailPoet Plugin (wysija-newsletters)
542. Res Timing Attack
543. Res Timing File Enumeration Without JavaScript in IE7.0
544. Res:// Protocol Local File Enumeration
545. Residential Gateway “Misfortune Cookie”
546. Response Splitting Filter Evasion
547. Results, Unicode Left/Right Pointing Double Angle Quotation Mark
548. Re-visiting JAVA De-serialization: It can't get any simpler than this !!
550. RFC 1918 Blues
551. RFC1918 Caching Security Issues
552. Rosetta Flash
553. Ruby on Rails Session Termination Design Flaw
554. Safari Carpet Bomb
555. Safari Carpet Bomb
556. Safari pwns Internet Explorer
557. Same Origin Bypass in Adobe Reader CVE-2014-8453
558. Same Origin Bypassing Using Image Dimensions
559. Same Origin Spoofing to Attack Client Certificate Sessions
560. Scanning internal Lan with PHP remote file opening.
561. Scraping & Spamming
562. Selecting Encoding Methods For XSS Filter Evasion
563. Server Side Template Injection
564. Server-Side Template Injection: RCE for the Modern Web App
565. Session Extending
566. Session Fixation
567. Session Fixation Via DNS Rebinding
568. Session Fixation Via DNS Rebinding
569. Session Puzzling (aka Session Variable Overloading)
570. Session Puzzling (aka Session Variable Overloading)
571. setTimeout Clickjacking
572. Severe XSS in Google and Others due to the JAR protocol issues
574. Side Channel Attacks in SSL
575. Site Plagiarizes Blog Posts, Then Files DMCA Takedown on Originals
576. Skype cross-zone scripting vulnerability
578. Slowloris HTTP DoS
579. Slowloris HTTP DoS
580. SMB Decloaking
582. SMTP Injection via Recipient Email Address
583. Smuggling SMTP through open HTTP proxies
584. SNMP XSS Attack
585. Soaksoak WordPress Malware
586. Social Networks Evil Twin Attacks
587. Socket Capable Browser Plugins Result In Transparent Proxy Abuse
588. Socket Capable Browser Plugins Result In Transparent Proxy Abuse
589. Spoofing Firefox protected objects
590. SpyTunes: Find out what iTunes music someone else has
591. SQL Smuggling
592. SQLi filter evasion cheat sheet (MySQL)
593. SSID Script Injection
594. St. Louis Federal Reserve DNS Redirect
595. Steal History without JavaScript
596. Stealing Basic Auth with Persistent XSS
597. Stealing entire Auto-Complete data in Google Chrome
598. Stealing Mouse Clicks for Banner Fraud
599. Stealing Pictures with Picasa
600. Stealing Search Engine Queries with JavaScript
601. Stealing User Information Via Automatic Form Filling
602. Stealth Cookie Stealing (new XSS technique)
603. Steam Browser Protocol Insecurity
604. Stiltwalker, exploits weaknesses in the audio version of reCAPTCHA
605. Stored XSS Vulnerability @ Amazon
606. Stripping Referrer for fun and profit
607. Stroke triggered XSS and StrokeJacking
610. Struts 2 OGNL Double Evaluation RCE
611. Stuffing Javascript into DNS names
612. Superfish SSL MitM
613. SurveyMonkey: IP Spoofing
614. Tabnabbing: A New Type of Phishing Attack
615. Tapjacking: owning smartphone browsers
616. Temporal Session Race Conditions Video 2
617. Text-based CAPTCHA Strengths and Weaknesses
618. The “I Know…” series. What websites know about you
619. The Attack of the TINY URLs
620. The Case of the Unconventional CSRF Attack in Firefox
621. The curse of inverse strokejacking
622. The Failure of Noise-Based Non-Continuous Audio Captchas
623. The New Age of XXE
624. The old is new, again. CVE20112461 is back!
625. The PayPal 2FA Bypass
626. The Unexpected Dangers of Dynamic JavaScript
627. The Web Never Forgets: Persistent Tracking Mechanisms in the Wild
628. There’s an OAK TREE in my blog!?!?!
629. Timing Attacks on CSS Shaders
630. Timothy Morgan – What You Didn’t Know About XML External Entity Attacks
631. Timur Yunusov and Alexey Osipov – XML Out of Band Data Retrieval
632. Top 3 Proxy Issues That No One Ever Told You
633. Top-Level Universal XSS
634. Tor Hidden-Service Passive De-Cloaking
635. Total surveillance made easy with VoIP phone
636. Tracking users that block cookies with a HTTP redirect
637. Tracking users that block cookies with a HTTP redirect
638. Tunneling TCP over HTTP over SQL Injection
639. Tunneling tcp over http over sql-injection
640. Turn Any Page Into A Greasemonkey Popup
641. Turning XSS into Clickjacking
642. Turning XSS into Clickjacking
643. TweetDeck XSS
644. Twitter misidentifying context
645. UI Redressing Mayhem: Firefox 0-Day And The LeakedIn Affair
646. UI Redressing Mayhem: HTTPOnly Bypass PayPwn Style
647. UI Redressing: Attacks and Countermeasures Revisited
648. Unauthenticated Backup and Password Disclosure In HandsomeWeb SOS Webpages cve-2014-3445
649. Unauthorized TinyURL URL Enumeration Vulnerability
650. Understanding and Managing Entropy Usage
651. Universal XSS in Adobe’s Acrobat Reader Plugin
652. Universal XSS in IE8
653. Universal XSS in IE8
654. Untangling The DOM For More Easy-Juicy Bugs
655. UPnP Hacking via Flash
656. URL Hiding - new method of URL Spoofing attacks
657. URL Hiding - new method of URL Spoofing attacks
658. URL Spoofing vulnerability in bots of search engines
659. URL Spoofing vulnerability in bots of search engines (#2)
660. Username Enumeration Timing Attacks (Sensepost)
661. Username Enumeration Vulnerabilities
662. Using Blended Browser Threats involving Chrome to steal files on your computer
663. Using Cookies For Selective DoS and State Detection
664. Using Cross-domain images in WebGL and Chrome 13
665. Using CSS to De-Anonymize
666. Using HTTP headers pollution for mobile networks attacks (2)
667. Using POST method to bypass IE-browser protected XSS
668. Using the HTML5 Fullscreen API for Phishing Attacks
669. Using WordPress as a intranet and internet port scanner
670. Using your browser URL history to estimate gender
671. Variable Width Encoding
672. Visitor Tracking Without Cookies (or How To Abuse HTTP 301s)
673. Weaknesses in RC4
674. Web Browser History Stealing
675. Web Browser Intranet Hacking / Port Scanning
676. Web Mayhem: Firefox’s JAR: Protocol issues
677. Web pages Detecting Virtualized Browsers and other tricks
678. Web Timing Attacks Made Practical
679. Web Worms
680. Web Worms
681. Who Are You? A Statistical Approach to Protecting LinkedIn Logins (CSS UI Redressing Issue)
682. Widespread XSS for Google Search Appliance
683. Will it Blend?
684. Winning the Online Banking War
685. WordPress Core RCE
686. Xanga Hit By Script Worm
687. X-Frame-Options (XFO) Detection from Javascript
688. XML Intranet Port Scanning
689. XMLHTTPRequest “Ping” Sweeping in Firefox 3.5+
690. XSHM Mark 2
691. XSS Fragmentation Attacks
692. XSS in Skype for iOS
693. XSS Relocation Attacks through Word Hyperlinking
694. XSS Relocation Attacks through Word Hyperlinking
695. XSS Vulnerabilities in Common Shockwave Flash Files
696. XSS: Gaining access to HttpOnly Cookie in 2012
697. XSSing client-side dynamic HTML includes by hiding HTML inside images and more
698. XSSing client-side dynamic HTML includes by hiding HTML inside images and more
699. XSS-Track as a HTML5 WebSockets traffic sniffer
700. XSS-Track: How to quietly track a whole website through single XSS
701. Yahoo Babelfish - Possible Frame Injection Attack - Design Stringency
702. Yes, you can have fun with downloads
703. Zach Cutlip – Remote Code Execution in Netgear routers