Cross Site Scripting ‘XSS’ in a Nutshell

Posted on Posted in Hacker News, Tutorial's

What is XSS? Cross-Site Scripting (XSS) is a code injection attack that allows an attacker to execute malicious JavaScript in another user’s browser. The attacker exploits an XSS vulnerability in a website that the victim visits, in order to deliver the malicious JavaScript through the website to the victim’s browser, the malicious JavaScript appears to […]

From APK to Golden Ticket

Posted on Posted in Hacker News, Tutorial's

Owning an Android smartphone and gaining Domain Admin rights and more… Andrea Pierini <decoder.ap@gmail.com>, Giuseppe Trotta <giutrotta@gmail.com> February 24, 2017 This article describes the potential dangers of using personal smartphones in corporate networks and as a result has been modeled after real events. It has been demonstrated that it is not so difficult for ill­intentioned to deceive an employee installing a malicious app on […]