THP Wisec USH DigitalBullets TheHackersPlace network

The WIse SECurity

.italian
.english

Wisec Home SecSearch Projects Papers Security Thoughts

News

Flash Application Testing: A New Vector for XSS and Cross Site Flashing.

IE and Firefox Digest Authentication Request Splitting.

Php import_req_var globals overwrite Advisory.

Subverting Ajax - The Paper.

Adobe Plugin Multiple Vulnerabilities.

Wisec@23rd.CCC Congress in Berlin - 29th Dec. 2006 - Subverting Ajax.

SecSearch. Search Engine for Security Community.

Mysql COM_TABLE_DUMP Flaws.

Mysql Anonymous login Flaw.

A new project to stop embed passwords in Php scripts: PassBroker.

MySQL new three vulnerabilities unleashed

PHP shmop safemode bypass

PHP RFC1867 Vuln - POC Released!

Search on Wisec

Security Thoughts

[ Back ]

Tuesday, December 04, 2007, 16:42

Finding Vulnerabilities in Flash Applications - Slides @ Owasp

Finally the slides of my presentation @ WASC & OWASP AppSec 2007 are available for everyone is interested on this topic.
It's the second chapter of my personal research about Flash Application security testing.
Some new trick is disclosed and a couple of video screencasts are now available to respectively show how a flawed SWF could XSS the hosting site, and a preview of the tool I am going to release today on behalf of Minded Security for SWF security analysis and testing at runtime.
I hope you'll enjoy reading it!

Comments:

No comments yet.

Comments are disabled

Admin login | This weblog is from www.mylittlehomepage.net

Wisec is brought to you by...

Wisec is written and mantained by Stefano Di Paola.

Wisec uses open standards, including XHTML, CSS2, and XML-RPC.

All Rights Reserved 2004
All hosted messages and metadata are owned by their respective authors.