Tag: session hijack

Guide to understanding XSS – Payloads, attack vectors, BeEF hooking, MiTM with Shank and some history

Cross site scripting is vulnerabilities in web applications that involves injecting valid HTML or scripts in some form or way. XSS is a very widespread vulnerability (see OWASP TOP 10) on the internet today. It is both easy to eliminate and easy to detect. It is however usually harder to exploit than for example SQL…

29/08/2012
Ways to retrieve a missing persons account passwords

Since the creation of this post, many other ways of retrieving a password has been discovered, e.g. Mimikatz, Lan Turtle & Responder, Konboot and more. Norwegian newspaper claims police is lacking missing persons social media password Today, a major newspaper, VG announced that the progress in the of a missing person case may be set…

08/08/2012

Guide to understanding XSS – Payloads, attack vectors, BeEF hooking, MiTM with Shank and some history