securitum.com vulnerabilities researches and cyber security education publications

About us
Penetration Testing

Contact

Tag: CSS

Stealing Data in Great style – How to Use CSS to Attack Web Application.

Michał Bentkowski | September 25, 2017September 30, 2019 | Research

This article will show you an example of how you can use the ability to inject your own CSS rules into a web application to exfiltrate data. This attack can be particularly practical for stealing tokens that protect against CSRF attacks. In this text we will see that CSS injections can be used to steal …

Research updates?

Please leave this field empty

E-mail address *

We keep your data private and use it only for research updates newsletter. We also hate spam! Read our Privacy Policy.

Check your inbox or spam folder to confirm your subscription.

Tags

Analysis · Apache · Bug Bounty · Bypass · CA · Camera · Car · Card · CCTV · Censys · Cisco · Cordova · Credit Card · Cryptography · Desktop · Google · Google Chrome · Hack · Hangouts · HTTP · HTTP/2 · IoT · Linux · Malware · Mozilla Firefox · NMAP · Payment · Paypass · Phone · Privilige Escalation · pseudo-random · Race Condition · RCE · Reconnaissance · Shodan · Spoofing · SSL · Takeover · Upload · Vulnerability · Web Hacking · XSS · XSSMas · ZIP · Zoomeye

Post of the month

3 Sep 2019

Security analysis of <portal> element

Michał Wnękowicz

Security Research Manager

Check out our new security discovery: deep security analysis of element with high bounty from Google.

LinkedIn
Facebook
Twitter
GitHub