Welcome back to Devil's Blog On Security. Today we'll cover countermeasures against XSRF attacks. From our previous posts on XSRF attacks it is quite clear that XSRF vulnerabilities arise mostly because cookies are submitted automatically, so one of the best countermeasures you can adopt is not to rely completely on HTTP cookies.
Avoid using hidden variables in HTML pages for critical applications; use another alternative instead.
Protected session management can also prevent XSRF attacks that are carried out through session hacking.
Never rely on the HTTP Referer header, since it can be spoofed.
Keep all plug-ins of your web browser updated.
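The countermeasures above can be combined into a single server-side check. The following is an added example, not code from the original post: it refuses any state-changing request that carries only the session cookie, ignores the Referer header, and requires a session-bound token in a custom request header. The header name `X-XSRF-Token`, the cookie name `session_id`, the HMAC-based token scheme and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed key for this example; a real application loads it from protected configuration.
SERVER_KEY = secrets.token_bytes(32)
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_token(session_id: str) -> str:
    """Derive an anti-XSRF token bound to a single session (HMAC-SHA256)."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def is_request_allowed(method: str, cookies: dict, headers: dict) -> bool:
    """Allow a state-changing request only when a valid token accompanies the cookie."""
    session_id = cookies.get("session_id")
    if not session_id:
        return False  # no session at all
    if method.upper() in SAFE_METHODS:
        return True  # safe methods must never change state on the server
    # The cookie alone proves nothing: the browser attaches it to every request.
    # The Referer header is deliberately ignored because it can be spoofed.
    supplied = headers.get("X-XSRF-Token", "")  # hypothetical header name
    expected = issue_token(session_id)
    return hmac.compare_digest(supplied.encode(), expected.encode())


def demo() -> dict:
    """Run three constructed requests through the check."""
    cookies = {"session_id": "constructed-session-0001"}
    good = {"X-XSRF-Token": issue_token(cookies["session_id"])}
    forged = {"Referer": "https://app.example/account"}  # cookie rides along, no token
    wrong = {"X-XSRF-Token": issue_token("another-session")}
    return {
        "legitimate": is_request_allowed("POST", cookies, good),
        "forged_no_token": is_request_allowed("POST", cookies, forged),
        "token_from_other_session": is_request_allowed("POST", cookies, wrong),
    }


if __name__ == "__main__":
    print(demo())
```

Because the token travels in a request header set by the application's own script, it is not a hidden form variable and is not attached by the browser automatically the way a cookie is.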
Hacked Session XSRF Attack
In our last post we discussed countermeasures against session hacking. Here we are going to discuss one more attack that is possible if the session is not protected. A hacked session XSRF attack is a combination of session hacking and cross-site request forgery (XSRF). Hacked session XSRF vulnerabilities arise where HTTP cookies are used to transmit session tokens. That means that once an HTTP cookie is set in the browser, the browser automatically submits that cookie back to the application with every request.
Free Ebook Download | The Complete NetBIOS Enumeration Tutorial
The following ebook on NetBIOS enumeration covers everything you want to know and need to know about enumerating NetBIOS. It covers NetBIOS enumeration from the basics through to using tools, in as much detail as possible and in a short, simple form. Download and have fun.
Session Management Attacks Countermeasure
Over the last few posts we have been discussing session hacking, or in other words attacks against session management. After a brief look at session hacking and some of its common types, it is time to look at its countermeasures. As with any other web application countermeasures, session hacking countermeasures depend on the type of application and its implementation, or in other words on the type of vulnerability the web application suffers from. In this post we will discuss some preventive measures against session hacking that can be practically implemented in any web application.