Whitepapers & Case Studies
19 May 2014
SSL Pinning is a security measure employed by applications in an attempt to thwart users from intercepting requests with a web proxy. This whitepaper will discuss methods used to bypass SSL pinning.
21 April 2010
Cross Context Scripting (XCS) is a term coined for a browser based content injection in the Firefox chrome zone...
21 April 2010
This paper should be considered an addendum to the white paper "Cross Context Scripting with Firefox". This paper exclusively focuses on exploits which can be used to leverage Chrome Cross Context Scripting (XCS) vulnerabilities in Firefox...
25 September 2009
Direct Payment Solutions (DPS) is a leader in Internet payment solutions for the Australian and New Zealand markets. With thousands of New Zealand companies counting on DPS to process their electronic payments on a daily basis, it is imperative that DPS becomes PCI DSS-compliant. DPS enlists the expertise of Security-Assessment.com as the go-to partner for the complex compliance project.
18 October 2010
Security-Assessment.com discovered that it is possible to leverage Cross Site Request Forgery (XSRF) attacks with the potential of leaking cookie, basic and digest authentication tokens using Java Applet and the Apache Web Server “Compatibility with Older Browsers” feature.