@filedescriptor
@ngalongc, @EdOverflow, and I are starting a new security blog.
In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.
blog.reconless.com/samesite-by-de… pic.twitter.com/5R23YmpksT

James Kettle
@albinowax
31 Jan
Nice work! I love the domain name too...

FD
@filedescriptor
31 Jan
Thanks! We wanted to focus on techniques that don't rely on reconnaissance

Pяαкαѕн
@1lastBr3ath
31 Jan
So, sooner or later, all client-side attacks will fail as they’re 90% of the time x-site.

FD
@filedescriptor
31 Jan
Yes you can say that

ak1t4 🇦🇷
@akita_zen
1 Feb
@bughuntercat this is what I was talking about. Brace yourselves: future bughunters will try harder 🗡 🛡 🐉 pic.twitter.com/dAmYSlMmex

Masonhck357
@Masonhck3571
1 Feb
lol I don't think they will try harder, in fact, I think you are going to see a lot of them quit.

Shivam Goyal
@g33kyshivam
31 Jan
A blog on "Real Impact of XSS" would be nice to have. As I started learning about XSS, it was all about popping alerts, but as I read more write-ups, I realized it is more than that: bypassing CSRF protection / performing account takeover with CSRF, etc.

James Kettle
@albinowax
31 Jan
If you didn't already see it, check out portswigger.net/web-security/c…

B1twis3 ◉ PHILOMATH📖
@fasthm00
31 Jan
What a catchy domain name! Also I liked the topic. Keep it up guys!