Monday, August 3, 2009

Clickjacking mitigated

Previously blogged about Clickjacking. Came across this new plugin called RequestPolicy that protects users against CSRF attacks. Decided to try it against the Zscaler Clickjacking demo. It works like a charm!!!
The high res version of this demo can be downloaded here.

NoScript is another tool to secure against Clickjacking. Neither are for n00bs though... it requires some knowledge to know what to configure.

No comments:

Post a Comment