Today Flash is the de-facto standard for developing interactive and rich web-based applications. It even comes installed on every new computer (it’s part of Windows XP installation). That’s what makes Flash applications a perfect target for client-side attacks.
So what exactly makes Flash a potential security threat? Its features. Flash applications can execute JavaScript when embedded [...]

Untidy is a Python-based XML fuzzer. It takes XML data as input and generates a set of modified, potentially invalid XML data based on the source input.
In a nutshell, fuzzing testing, is a software testing technique that sends random inputs to an application. If the target application contains a vulnerability that can lead to a [...]

Public areas that offer access to the Internet (airports, open wireless networks etc.) have no security in place. If you’re at a public WiFi spot, your personal information can be sniffed by other malicious users. This hack will show you a way to secure your web browser when using public networks.
In a nutshell, we’re going [...]

For most Internet users, spam is a daily hassle that can’t be remedied easily. Chances are that if you use Gmail, you’re less concerned about spam due to the excellent Gmail spam filter.
However, if you’re looking for a way to prevent untrusted web services from having your Gmail address and flooding you with spam, you [...]

Privacy and security are two very real concerns. The default settings in Firefox are pretty good at protecting your privacy and security, but you can make some adjustments to protect yourself even more. In this hack, we’ll show you how to prevent malicious JavaScript code to alter your browser and steal your information.
Why would [...]

The central ingredient of Web 2.0 web applications is Ajax. There is not security weakness in Ajax itself, but adaptation of this technology has changed the Web application development approach.
aSSL, or Ajax Secure Service Layer, is an open source library designed to substitute the need for Secure Socket Layer (SSL) in Ajax web-applications. In a [...]

Clipperz, the recently launched online password manager, can be used to store any kind of sensitive information, such as passwords, confidential notes, credit and debit card details, and so on.
It is free and completely anonymous, and the real cool feature is the direct login: users can save the credentials of their online accounts into [...]

If you are responsible for the security of your web applications, you know that auditing them for vulnerabilities is a challenging task. You will want to get familiar with the W3AF Web application attack and auditing framework to test your web applications before an attacker with malicious intent does it for you.
W3AF is designed for [...]

Flash is an interface for rich Internet applications and the core technology behind several popular Web 2.0 web sites. We all have it and we can’t imagine how our Internet experience would be without it. But what about security and privacy?
Adobe allows you to configure Flash security settings via the Settings Manager. In a nutshell, [...]

Web browsers are leaky faucets that are revealing email address, web sites you’ve entered, search queries and other information. This absolute invasion of your privacy is actually pretty common and there are several different ways you can take control and increase your privacy.
In this hack, we’re going to highlight 10 tips to bolster your privacy [...]