Profile_bird

Hey there! RSnake is using Twitter.

Twitter is a free service that lets you keep in touch with people through the exchange of quick, frequent answers to one simple question: What's happening? Join today to start receiving RSnake's tweets.

Already using Twitter
from your phone? Click here.

RSnake

  1. Uploaded a DNS Rebinding video: http://ha.ckers.org/blog/20091201/dns-rebinding-video/ about 15 hours ago from web
  2. Twitter told me they removed my last tweet about Google because it is malware. You know - the same post that's still there. Hm. about 15 hours ago from web
  3. Google Phishing Site: http://www.google-ac.com/accounts/signin.html 6:22 PM Nov 27th from web
  4. Mmm... Thanksgiving π! 3:23 PM Nov 26th from web
  5. A watched MD5 hash never cracks. 1:40 PM Nov 25th from TweetDeck
  6. Don't click that bikini http://ha.ckers.org/blog/20091123/the-bikini-is-no-longer-safe/ 2:44 PM Nov 23rd from web
  7. Best typo domain ever com.com up for grabs: http://ha.ckers.org/blog/20091120/comcom-is-up-for-sale/ 8:46 AM Nov 20th from web
  8. Add spamming and scraping to the list of problems DNS Rebinding enables: http://bit.ly/1JCJ6D/ 8:21 AM Nov 18th from web
  9. @randomdross DNS Rebinding just keeps getting worse, doesn't it: http://bit.ly/4cxuKQ/ 2:08 PM Nov 17th from web
  10. I covered quite a bit of DNS rebinding in the book. Same mitigatigations, different problems: http://bit.ly/3hxTJN 1:52 PM Nov 16th from TweetDeck
  11. @randomdross @mckt_ DNS Rebinding Session Fixation http://bit.ly/3hxTJN More to come. 1:49 PM Nov 16th from web
  12. RT @fraudloss: Randolf-Brooks Credit Union now supports depositing checks via iPhone pics of checks. 10:21 AM Nov 16th from TweetDeck
  13. @t3rmin4t0r RT @sambowne: My Defcon Talk with @rsnake is up in video http://tr.im/EYLV -- SlowLoris and SSLStrip demos 8:45 PM Nov 14th from TweetDeck
  14. @djtechnocrat right which you need to use some social engineering to exploit. XSS or redirects sent in email, etc. 2:37 PM Nov 14th from TweetDeck in reply to djtechnocrat
  15. @djtechnocrat You'd have to ask the OWASP leadership, I guess. Good question. 2:34 PM Nov 14th from TweetDeck in reply to djtechnocrat
  16. @djtechnocrat PCI is about protecting card data. Client side risks count. I do worry about removing info disclosure though, you're right. 2:28 PM Nov 14th from TweetDeck in reply to djtechnocrat
  17. @djtechnocrat Definitely. 2:15 PM Nov 14th from TweetDeck in reply to djtechnocrat
  18. @marcinw post on ha.ckers.org. Twitter is too small to have a meaningful conv. It is based on fact. No FUD, just some TBDs. 2:15 PM Nov 14th from TweetDeck in reply to marcinw
  19. @t3rmin4t0r yessir, that was my DefCon speech with Sam Bowne. My part was on Slowloris and the Iranian rebels. 1:53 PM Nov 14th from TweetDeck in reply to t3rmin4t0r
  20. @djtechnocrat Yes, that was the first part of the convo. Damned 140 chars! 1:51 PM Nov 14th from TweetDeck in reply to djtechnocrat