Archive for 2009

N-Stalker URL rewrite feature now available

March 3, 2009

It is becoming common to use URL rewriting to keep applications secure and to increase their usability. This has created a problem for automating web application security assessment tests, as most of the time we are unable to obtain parameters and reach the application logic itself. Usually rewrite […]

CSRF vulnerability in GMail service (pt_BR)

March 3, 2009

Dear all, a flaw in Gmail that borders on the ridiculous has come out on Full Disclosure. Using CSRF (Cross-Site Request Forgery), the flaw lets you “change the password” of the Gmail account of the user you send the site with the parameters in it to. * To make it clearer, the problem is a CSRF (Cross Site […]

CSRF vulnerability in GMail service

March 3, 2009

Gmail has a CSRF vulnerability that is very easy to exploit. Since it’s easy to exploit, we would like our customers to take care until Google/Gmail fixes it. * Remember that the CSRF isn’t a problem by itself. The problem is that the CSRF allows a brute force. IV. PROOF OF CONCEPT ————————- 1. An […]
