Latest
Tracking an Anonymous Peer Using WebRTC
It's was about a year ago, someone in my rather big office (100~200 people) started to send annoying emails with cheesy phrases and images regarding the new…
html-5securitywebrtcprivacy
GUYA.NET — Web Security, JavaScript, and Browser Technology
Recent Posts
118 articlesL
Leeching Streaming Videos With Node.js X-ray and FFmpeg
In the last post I've mentioned the The 6th Annual International Cybersecurity Conference and the great videos it have. But, these videos are streamed with…
Great Security Videos You Probably Have Not Seen
Exactly 2 months ago The 6th Annual International Cybersecurity Conference was held in Tel-Aviv. It was packed with presentations from leading security…
S
Simple Server Polling in AngularJS Done Right
Plunker is here. Syncing with the server these days is much easier with libraries like socket.io and alike. But, even though there is no need to mess with…
W
Webcam spying with Chrome
tl;dr; Browsers doesn’t handle webcam permissions well enough. Users should be extremely wary about what’s going on in their browser. From a list of 30 bugs…
T
The never ending browser sessions
tl;dr; The concept of session memory is not valid anymore in today’s browsers. Even sessionStorage is not cleared after closing the tab. It’s easily revived…
S
Sharing sessionStorage between tabs for secure multi-tab authentication
tl;dr; I’ve created mechanism that will leverage the secure nature of the browser sessionStorage or memoryStorage for authentication and will still allow the…
Leeching an FTP with Python
TL;DR; This script will leech all the files from a folder in an FTP. It’s especially appropriate for dealing with enormous amount of files – hundreds of…
H
How to know when Chrome console is open
tl;dr; Although it’s not supposed to be supported – it’s possible to know whether the Chrome console is opened or not. Check it out. Reddit discussion. … Ever…
c
cj-sp-pb
This post was made public on 27.8.2015. It was previously disclosed privately to Google. More info: Webcam spying with Chrome…
To Listen Without Consent – Abusing the HTML5 Speech
tl;dr; I found a bug in Google Chrome that allows an attacker to listen on the user speech without any consent from the user and without any indication. Even…
F
Found a CSRF Flaw in a Big E-Commerce Website
tl;dr I stumbled upon some CSRF flaws in a very popular e-commerce website. CSRF flaws are generally overlooked and the only way for you as the user to…