Skip to content

research.securitum.com

securitum.com vulnerabilities researches and cyber security education publications

  • About us
  • Penetration Testing
  • Contact us

Tag: Google Chrome

Address bar spoofing in Chrome and Firefox – description of CVE-2017-5089 and CVE-2017-7763

Michał Bentkowski | June 22, 2017September 30, 2019 | Research

In this article, I will show you how you could have previously performed “spoofing” of the address bar in Chrome and Firefox browsers. In other words, make the domain displayed in the browser’s address bar not the one where the user actually is. As a consequence, the attack can be used for phishing, for example, …

Read more

Research updates?

We keep your data private and use it only for research updates newsletter. We also hate spam! Read our Privacy Policy.

Check your inbox or spam folder to confirm your subscription.

For more follow us on Twitter!

Follow @securitum_com

Categories

  • Education 34
  • Research 30
  • Uncategorized 1

Tags

Analysis · Apache · Bug Bounty · Bypass · CA · Camera · Car · Card · CCTV · Censys · Cisco · Cordova · Credit Card · Cryptography · CSS · Desktop · dompurify · Google · Google Chrome · Hack · hacking · Hangouts · HTTP · HTTP/2 · IoT · javascript · Linux · Malware · Mozilla Firefox · NMAP · Payment · Paypass · Race Condition · RCE · Reconnaissance · Shodan · Spoofing · SSL · Takeover · Upload · Vulnerability · Web Hacking · XSS · XSSMas · Zoomeye

Archives

  • 2021 3
  • 2020 10
  • 2019 8
  • 2018 10
  • 2017 18
  • 2016 8
  • 2015 5

Post of the month

18 Nov 2019

XSS in GMail’s AMP4Email via DOM Clobbering

Michał Wnękowicz

Security Research Manager

For this month I propose: "XSS in GMail's AMP4Email via DOM Clobbering" which was nominated to "Top 10 web hacking techniques of 2019" by Portswigger.

READ MORE

Follow us on:

  • LinkedIn
  • Facebook
  • Twitter
  • GitHub

Pages

  • Research Home Page
  • Penetration Testing
  • Privacy Policy
  • About us
  • Contact us

Recent Posts

  • Is running legacy software with no publicly known exploits safe? November 23, 2021
  • Comparison of reverse image searching in popular search engines [OSINT hints] August 11, 2021
  • fail2ban – Remote Code Execution July 26, 2021
  • Helping secure DOMPurify (part 1) December 21, 2020
  • Mutation XSS via namespace confusion – DOMPurify < 2.0.17 bypass September 21, 2020
©2022 research.securitum.com