Comments on: For my next trick… hacking Web2.0

By: Facebook, Worms and RSS Feeds - Hacking The Web2.0 Way and Beyond | GNUCITIZEN

Wed, 29 Oct 2008 17:10:19 +0000

[...] been describing the numerous web2.0 attack strategies countless of times. Perhaps you remember my paper on hacking Web2.0? It sounds very similar to Ryan’s article, doesn’t [...]

By: J. Dameure

J. Dameure — Sat, 29 Mar 2008 15:35:10 +0000

Awesome work and great overview this article gives. Got to read it serveral times though to get all the details :-)

By: pdp

pdp — Thu, 28 Feb 2008 16:56:30 +0000

tanu & tanessa, thanks. I am glad that you have enjoyed it.

By: tanessa

tanessa — Thu, 28 Feb 2008 10:11:04 +0000

lovely work very well reaserched. I agree with Tanu(another person who gave her comments) that this should be told to each person who uses the internet it is ggggggreat. I think fantastic keep up the good work. i enjoyed every nuk-and-corner of this website. It was an eye-opener

By: tanu

tanu — Thu, 28 Feb 2008 10:04:10 +0000

excellent work should be published in newspapers worldwide or published in books or anything. bassiccally it should be conveyed to each human being using the internet

By: » You Suck at Web Security riahmat1c

» You Suck at Web Security riahmat1c — Tue, 05 Feb 2008 01:39:35 +0000

[...] nothing! This is something that doesn’t happen quickly, either. Despite hours of reading papers and discussions, my first reaction to seeing a new technology is still “Wow, that would be a [...]

By: Inking’s Blog » Google GMail E-mail Hijack Technique

Inking’s Blog » Google GMail E-mail Hijack Technique — Sun, 03 Feb 2008 04:56:42 +0000

[...] The technique used in this example is known as Cross-site request forgery, or simply put CSRF. I am not planning to go into details how it works. Just look it up on Google or better yet, Yahoo. Yes Yahoo is a lot better these days, especially when it comes to hardcore Web2.0 API hacking. For more information, check out the following white paper. [...]

By: rajsekhaar

rajsekhaar — Mon, 07 Jan 2008 17:40:05 +0000

Good site

By: Blogging in the name of…. » Blog Archive » Watch your Gmail Filters

Thu, 27 Dec 2007 14:29:39 +0000

[...] forwarding your mail to an unknown address. But don’t relax just yet. With Web 2.0 being the new favorite playground for hackers, the tech savvy user will probably have to think twice before using online applications. Be it [...]

By: Web 2.0 security « Continuous improvement

Web 2.0 security « Continuous improvement — Fri, 21 Dec 2007 13:51:39 +0000

[...] Next Line of Defence: Web2.0! You must read this!: Do you remember my words from my Web2.0 hacking talk: Data in the Cloud, Applications on demand, but for malware! Well it is happening! And I know [...]

By: The Next Line of Defence: Web2.0! You must read this! | GNUCITIZEN

The Next Line of Defence: Web2.0! You must read this! | GNUCITIZEN — Wed, 12 Dec 2007 16:32:12 +0000

[...] Web2.0! You must read this! published: December 12th, 2007 Do you remember my words from my Web2.0 hacking talk: Data in the Cloud, Applications on demand, but for malware! Well it is happening! And I know [...]

By: GEO Tracking Online Personas | GNUCITIZEN

GEO Tracking Online Personas | GNUCITIZEN — Fri, 30 Nov 2007 14:37:50 +0000

[...] Tracking Online Personas published: November 30th, 2007 After I have released the paper on Web2.0 hacking/security, I’ve been asked, on a numerous occasion, to come up with some tools that can be use to [...]

By: Smart Utility Computer with WebDAV: the stuff Google should implement | Hakiri

Tue, 20 Nov 2007 16:47:42 +0000

[...] about all these, not until yesterday when I was working on some advance Web2.0 attack models (check Web2.0 hacking for more information). I’ve released that in order to build a tangled attack infrastructure, [...]

By: OWASP USA 2007 AppSec Conference | GNUCITIZEN

OWASP USA 2007 AppSec Conference | GNUCITIZEN — Sun, 18 Nov 2007 20:51:41 +0000

[...] was honored to present my research on Web2.0 hacking, which I’ve also talked about over here. The slides were slightly adjusted to suit the [...]

By: Neo in making

Neo in making — Tue, 23 Oct 2007 19:26:28 +0000

Great job man! I appreciate it :)

By: Renaissance | GNUCITIZEN

Renaissance | GNUCITIZEN — Sun, 14 Oct 2007 07:55:40 +0000

[...] purposes as well. The project is still at development stage. We recommend you to have a look at the For my next trick… hacking Web2.0 purple paper for some insights how to use the [...]

By: Google Gmail: “E-mail Hijack” via CSRF « Simply Security

Google Gmail: “E-mail Hijack” via CSRF « Simply Security — Fri, 28 Sep 2007 12:01:44 +0000

[...] Web2.0 API hacking’. Per maggiori informazioni date un’occhiata a questo white paper“. E conclude con una interessante notazione: “Se trovate da soli questa vulnerabilitÃ , [...]

By: Kiril

Kiril — Thu, 27 Sep 2007 07:58:59 +0000

I’m proud to be Bulgarian ciitzen, the author of the article is fellow-countryman :)

By: Daniel

Daniel — Wed, 26 Sep 2007 11:59:44 +0000

Really, I pretty like the picture!

By: Google GMail E-mail Hijack Technique | GNUCITIZEN

Google GMail E-mail Hijack Technique | GNUCITIZEN — Tue, 25 Sep 2007 18:50:39 +0000