Taras,
On Wed, Feb 29, 2012 at 12:47 PM, Taras wrote:
> Andres, please read inline
>
>
>>> Every request inside user's area of web
>>> application with params will be detected as vulnerable. I' have decided
>>> to improve it (with making some research) and want to discuss with you
>>> interesting
Achim,
On Tue, Feb 28, 2012 at 5:36 PM, Achim Hoffmann wrote:
> Taras, Andrés,
>
> first of all CSRF is not limited to
> - requests with parameters
> - POST reqeusts
> - GET requests
> - requests with cookies
> - requests for authenticated sessions
>
> more details see inline below
Yes, I a
So how do you actually do it? I've read the thread but didn't see any info for
the workaround.--
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
Achim, please read inline
> ...
> IMHO following algorithm -if done in this sequence- is a bit hopeless.
>
>> * Crawl the web application without credentials, store non-authenticated
>> forms
>> * Login to the web application with the user provided credentials
>> * Crawl the web application keepi
Andres, please read inline
>> Every request inside user's area of web
>> application with params will be detected as vulnerable. I' have decided
>> to improve it (with making some research) and want to discuss with you
>> interesting topic - automation detection of CSRF flaws. My current view
>> o
Johannes ,
On Wed, Feb 29, 2012 at 6:58 AM, Johannes Weberhofer
wrote:
> Hello!
>
> I have now done some tests with python 2.7.
>
> It is important to update the guppy-package to the latest trunk version,
> because older versions are not compatible with python 2.7.
>
> After a long time of testi
Hello!
I have now done some tests with python 2.7.
It is important to update the guppy-package to the latest trunk version,
because older versions are not compatible with python 2.7.
After a long time of testing, I have recognized, that many all doc-tests fail
using the "nosetests --doctest-re
