CSRF

infosec

One.com CSRF and XSS

About a year ago I found a few vulnerabilities on the one.com website. For those of you that don't know, _one.com_ is

infosec

FitBit CSRF and XSS

A few months ago I bought a Fitbit, which is a wristband tracking device.

infosec

label clickjacking and javascriptless csrf

Another niche attack. I happened to notice the interesting behaviour of


Web Timing Attacks, Continued

Continuing on the subject of timing attacks, I recently found a small
