Wednesday, August 12, 2009

Dynamic Cross-Site Request Forgery (CSRF) White Paper

This is the white paper on Dynamic Cross-Site Request Forgery. This attack was covered by Nathan Hamiel and Shawn Moyer at Black Hat US 2009 and Defcon 17. This paper outlines the issue and gives a couple of examples of attacks using the Dynamic CSRF vector.

Download PDF

see also

No comments: