Technology | Security | Making

Tag » phishing

Cross-Site Scripting with TinyURL for Lulz and Profit

TinyURL is a service that transforms long, inconvenient URLs (like into short, convenient ones (like Services like TinyURL are frequently used when posting links into Twitter, where character space is at a premium.

Like so many other web technologies, though, TinyURL can be abused for nefarious purposes. Specifically, it can be used for disguising payloads used in Cross-Site Scripting (XSS) attacks.

Read More