More Free Articles

10 Oct 2005

I'm still trying to catch up on posting articles to my web site - there are now four more available for free:

If you only read one, read the article on CSRF (cross-site request forgeries). I think it is one of the most overlooked attack vectors around, and it doesn't receive the attention it deserves. If you've never heard of CSRF, I bet your applications are vulnerable.

Note: If you're interested in CSRF attacks, you might want to view the slides of PHP Security by Example (with class files) and follow along with the exercises - one of them covers CSRF, so you can try it out for yourself.