I found the following blog posting and like to share it with all of you. It has some really crazy examples of CAPTCHAS there and my favorite is definitely the one with the CAPTCHA string in the image’s URI
Craziest Captchas on the Web

Attention: If Acunetix is an OWASP member but for any reasons is not listed on the OWASP website, everything’s OK from my point of view and this posting is irrelevant at all. But I found no information about an OWASP membership by Acunetix on the Net. Also I’m not a lawyer so the following posting [...]

As I already wrote in my last post “OWASP Switzerland goes Public“, there will be an article of mine about the OWASP Top 10 in the next newsletter of the Security-Zone. It’s more or less a translation of the summary of each point out of the original (English) OWASP Top 10. Today, this newsletter went [...]

As you might know, the OWASP Switzerland Local Chapter (re-)started at the 11. November 2006 and up to then from my point of view it’s a success story. For example we had two slots at the Tweakfest 2007 where we talked about the OWASP at all and also presented the OWASP Top 10. Unfortunately there [...]

Today I was surfing the Net and I’ve found something really interesting which I never had the time to have a deeper look on but where I think are many ways of exploiting such stuff, I’m talking about registered URIs in web browsers. For example we all know about http://, ftp://, file:// and some more [...]

Rosario Valotta wrote the first “Cross Webmail Worm” (XWW) as he calls it. This worm let me think back to the Yamanner worm in 2006 which it spread over the Yahoo!-Mail service through a XSS vulnerability in the service. Now, Rosario Valotta did something which’s very similar but he wrote a POC worm called “Nduja” [...]

Last week I was thinking about some new research ideas and I have some stuff which’s (at least from my point of view) really interesting. Something I’d like to present now is Ranum. Today many things are based on random numbers but the problem we have there is, that normal computers can just generate so [...]

Normally I’ll try to keep my blog technical and don’t write too much about personal stuff because even if there are some people who would be interested in that, most of my readers are not that interested in my personal life and want to know for example if I’ve got a girlfriend, where I life [...]