|
|
| | The sad state of DOM security (or how we all ruled Mario's challenge) (2011) (kotowicz.net) | |
1 point by jorangreef on Sept 24, 2019 | past
|
|
| | “Amazon 1 Button” Chrome extension to sniff all your websites (2013) (kotowicz.net) | |
14 points by nwrk on Aug 22, 2017 | past | 1 comment
|
|
| | XSS in Gmail through Rapportive (kotowicz.net) | |
110 points by xSwag on Dec 28, 2013 | past | 13 comments
|
|
| | Use "Amazon 1 Button" Chrome extension to sniff all HTTPS websites (kotowicz.net) | |
516 points by jamzed on July 12, 2013 | past | 58 comments
|
|
| | Chrome addons hacking: Bye Bye AdBlock filters (kotowicz.net) | |
137 points by necenzurat on March 28, 2012 | past | 55 comments
|
|
| | Stripping HTTP referrer for client-side CSRF (kotowicz.net) | |
1 point by bluesmoon on Oct 24, 2011 | past
|
|
| | Cross-domain 'content extraction' using fake captcha and iframe (kotowicz.net) | |
3 points by Terretta on July 6, 2011 | past
|
|
| | How to upload arbitrary file contents cross-domain (kotowicz.net) | |
1 point by steilpass on April 29, 2011 | past
|
|
| | Who's behind Facebook clickjacking scams? (kotowicz.net) | |
5 points by DeusExMachina on March 17, 2011 | past | 1 comment
|
|
| | XSS-Track: Hijacking a whole website with a single XSS vulnerability. (kotowicz.net) | |
2 points by nathanhammond on Nov 6, 2010 | past
|
|
| | Analysis of New Generation Facebook Worm (kotowicz.net) | |
1 point by NathanKP on Aug 31, 2010 | past
|
|
| | 5 ways to prevent clickjacking on your website (and why they suck) (kotowicz.net) | |
1 point by jyothi on Dec 29, 2009 | past
|
|
|
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
|
