
Top Ten Web Hacking Techniques of 2011

2012-11-12 17:29
Every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. Beyond individual vulnerability instances with CVE numbers or system compromises, we’re talking about actual new and creative methods of Web-based attack. The Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes researchers who contribute excellent work.
By Jeremiah Grossman (vote collection and tallying)

The Top Ten

BEAST (by: Thai Duong and Juliano Rizzo)

Multiple vulnerabilities in Apache Struts2 and property oriented programming with Java (by: Johannes Dahse)

DNS poisoning via Port Exhaustion (by: Roee Hay and Yair Amit)

DOMinator – Finding DOMXSS with dynamic taint propagation (by: Stefano Di Paola)

Abusing Flash-Proxies for client-side cross-domain HTTP requests (by: Martin Johns and Sebastian Lekies)

Expression Language Injection (by: Stefano Di Paola and Arshan Dabirsiaghi)

Java Applet Same-Origin Policy Bypass via HTTP Redirect (by: Neal Poole)

CAPTCHA Hax With TesserCap (by: Gursev Kalra)

Bypassing Chrome’s Anti-XSS filter (by: Nick Nikiforakis)

CSRF: Flash + 307 redirect = Game Over (by: Phillip Purviance)
