Soroush Dalili – Computer Security Is My Interest!

Soroush Dalili's blog – بلاگ سروش دلیلی
icon
  • Home
  • About Me
  • Advisories
  • Contact Me
  • FAQs
  • Links
  • Projects
    • Burp Suite Beautifier
    • Cross Site Request Forgery (CSRF) PoC Template (by Javascript)
    • Excel Advanced Search Add-In Application
    • Hall of Fame – Challenge Series 1

IE/Firefox Redirection Issue – FB Oauth2 Bypass – BugCrowd

On March 18, 2013, in My Advisories, Normal Posts, Security Articles, Security Posts, by Soroush Dalili
1 Comments
Leave A Response

 

XSS by uploading/including a SWF file

On November 12, 2012, in Security Articles, Security Posts, by Soroush Dalili
2 Comments
Leave A Response

Tagged with: ExternalInterface • ExternalInterface.call • file upload XSS • SWF file upload XSS • XSS • XSS by SWF 

IE9 Self-XSS Blackbox Protection bypass

On August 13, 2012, in My Advisories, Security Posts, by Soroush Dalili
1 Comments
Leave A Response

Tagged with: IE File Protocol • IE9 Self XSS Bypass 

Browsers Anti-XSS methods in ASP (classic) have been defeated!

On June 19, 2012, in Security Articles, Security Posts, by Soroush Dalili
1 Comments
Leave A Response

Tagged with: Anti-XSS bypass • AntiXSS bypass • ASP • browsers xss protection • HPP • XSS • xss protection bypass 

SecProject Web AppSec Challenge Series 1 Results

On June 10, 2012, in Security Articles, Security Posts, by Soroush Dalili
2 Comments
Leave A Response

Tagged with: Anti-XSS bypass • AntiXSS bypass • Challenge • Challenge Results • homo-characters • Input Disorder • Race Condition • SQLi • XSS 
Previous Entries

Categories 

  • My Advisories (14)
  • Normal Posts (24)
  • Security Articles (26)
  • Security Posts (38)
 

Recent Posts 

  • Microsoft XMLDOM in IE can divulge information of local drive/network in error messages
  • IE/Firefox Redirection Issue – FB Oauth2 Bypass – BugCrowd
  • File in the hole! – HackPra slides
  • XSS by uploading/including a SWF file
  • Don’t trust a string based on TryParse or IsNumeric result! (.Net/VBScript)
 

Tags 

All Facebook Application Walls Anti-XSS bypass AntiXSS bypass block ip block isp Blog Template Burp Suite Beautifier Burp Suite Extension by using iMacros Challenge close advertisment computer science vulnerabilities credit card algorithm credit card algorithm is equal to IMEI algorithm Critical vulnerabilities CSRF Attacks ExternalInterface ExternalInterface.call Facebook Add Friend Facebook Automatic Friend Add Facebook Automation Friend Facebook Game Cheat FaceBook MobWars Cheat file uploader bypass methods file uploader security bypass free web hosting hacking videos IMEI algorithm Javascript javascript to close advertisements logical flaw Microsoft IIS Vulnerability National ID Code Algorithm National ID Code JavaScript Privacy sql injection tutorial travian game travian hack travian online game Unrestricted File Download Unrestricted File Upload weblogs website vulnerability XSS XSS Vulnerability
 

RSS OWASP Feeds 

  • Consumers Unhappy, Frustrated with Password Security: Survey April 26, 2013
  • Crypto guru: Don't blame users, get coders security training instead April 23, 2013
  • Kenneth van Wyk: Making safer iOS apps - Computerworld Australia April 23, 2013
  • "jQuery Migrate" is a Sink, too?! April 19, 2013
  • Understanding the OWASP Mobile Top 10 Security Risks | Safari ... April 19, 2013
 

RSS Symantec Security News 

  • Best way to upgrade SEP from 12.1 RU1 MP1 to 12.1 RU2 MP1 April 26, 2013
  • Migration wizard for porting policy settings from SEP11 to fresh install of SEP12 April 25, 2013
  • Need a refresher about imaging and to know if anything is new or changed April 25, 2013
  • Help with client install packages. April 25, 2013
  • Websites viewed with Symantec 12 are being altered April 25, 2013
 

RSS New Vulnerabilities 

  • Vuln: Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability April 25, 2013
  • Vuln: Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability April 25, 2013
  • Vuln: Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability April 25, 2013
  • Vuln: Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability April 25, 2013
  • Bugtraq: Nginx ngx_http_close_connection function integer overflow
  • Bugtraq: [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
  • Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product
  • Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System
  • More rss feeds from SecurityFocus
 

Soroush Dalili – Computer Security Is My Interest!

Pages

  • About Me
  • Advisories
  • Contact Me
  • FAQs
  • Links
  • Projects
    • Burp Suite Beautifier
    • Cross Site Request Forgery (CSRF) PoC Template (by Javascript)
    • Excel Advanced Search Add-In Application
    • Hall of Fame – Challenge Series 1

Stay In Touch

  • About Me
  • Advisories
  • Contact Me
  • FAQs
  • Links
  • Projects
    • Burp Suite Beautifier
    • Cross Site Request Forgery (CSRF) PoC Template (by Javascript)
    • Excel Advanced Search Add-In Application
    • Hall of Fame – Challenge Series 1

More

Thanks for dropping by! Feel free to join the discussion by leaving comments, and stay updated by subscribing to the RSS feed.
© Soroush Dalili blog
iBlog by PageLines
Twitter Twitter LinkedIn LinkedIn