Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Testing Flash Applications

from [Stefano Di Paola] Network Security [Permanent Link]
Subject: Testing Flash Applications
Date: Mon, 21 May 2007 18:02:04 +0200 
During the 6th OWASP AppSec Conference in Italy, I presented a research
about testing for security vulnerabilities in Flash applications.

Abstract: 
My work describes several security flaws in Flash Applications and bad
habits in ActionScript coding, by analysing real world swf applications
flaws and potential vulnerabilities that could lead to client side
attacks. A new kind of attack called Cross Site Flashing is also
explained.


Blog Entry: 
http://www.wisec.it/sectou.php?id=464dd35c8c5ad

Pdf Version:
http://www.wisec.it/docs.php?id=5

Swf Version:
http://www.wisec.it/docs.php?id=6


Any comment will be really appreciated.

Regards,
Stefano
-- 
...oOOo...oOOo....
Stefano Di Paola
Software & Security Engineer

Owasp Italy R&D Director

Web: www.wisec.it
..................

Attachment: signature.asc
Description: Questa =?ISO-8859-1?Q?=E8?= una parte del messaggio firmata digitalmente

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Testing Flash Applications, Stefano Di Paola <=
Previous by Date:  Q1 2007 Application Security Trends Report, Tom Stracener
Next by Date:  Q1 2007 Application Security Trends Report (Corrected Link), Tom Stracener
Previous by Thread:  Q1 2007 Application Security Trends Report, Tom Stracener
Next by Thread:  Q1 2007 Application Security Trends Report (Corrected Link), Tom Stracener
Indexes:  [Date] [Thread] [Top] [All Lists]