Many Websites mix secure and insecure content on the same page, like Facebook. This makes it possible to steal all the data entered on such a page easily, using Moxie Marlinspike's new SSLstrip tool.
SlowLoris is a new denial of service attack developed by RSnake.
Both exploits are explained and demonstrated.
Slides, handouts, and detailed instructions for these attacks are available at:
Loading more stuff…