Exploiting a CSRF Vulnerability in MongoDB Rest API

Category: Web Security Readings - Tags: proof of concept, csrf, mongodb - Thu, 29 Sep 2016, by Sven Morgenroth
This article explains how attackers can exploit a Cross-site Request Forgery (CSRF) vulnerability in the MongoDB REST API to extract data from the database of the vulnerable database management system.

Using the Same-Site Cookie Attribute to Prevent CSRF Attacks

Category: Web Security Readings - Tags: same site cookie attribute, csrf, web security reading - Tue, 23 Aug 2016, by Ziyahan Albeniz
This article looks into the details of how the Same-Site cookie attribute works and how it can be used to help prevent malicious cross-site request forgery (CSRF) attacks.

CSRF Vulnerability in Yandex Browser Allows Attackers to Steal Victim's Browsing Data

Category: Web Security Readings - Tags: csrf vulnerability, advisory, yandex browser - Tue, 09 Aug 2016, by Ziyahan Albeniz
This post explains how a malicious hacker can exploit a CSRF vulnerability in the Yandex browser that would allow them to get hold of the victim's confidential browsing data, including bookmarks, browsing history and also saved usernames and passwords.

Anti-CSRF token support in new Netsparker v1.8.3.3

Category: Releases - Tags: netsparker monthly, new features, bug fixes, netsparker improvements, anti csrf tokens - Thu, 10 Feb 2011, by Ferruh Mavituna
Unlike with other scanners, with Netsparker Web Application Security Scanner you can now automatically scan and identify vulnerabilities in websites which use anti-CSRF tokens. The new update of Netsparker also includes a number of new web application vulnerability checks, such as Frame Injection, web server source code disclosure and more. Read this blog post for a complete list of what is new and improved in this version of Netsparker.