free public proxy servers list


Database statistics
Wed Jul 1 06:30:11 2015 GMT
quick proxy search
time condition:
reverse sort order:
*LOGIN HERE to access new data
recently checked proxy
filter sort by
misc. database query examples
ports to test:
To check your proxy speed and Add this proxy to public list enter here your proxy port(s) (divided by comma) and press Check button. Only your current IP address ( will be checked for those ports.
ports to test:
To request your proxy removal from this public list enter here your proxy port(s) (divided by comma) and press Remove button. Only your current IP address ( will be requested for removal.
Tue Jun 30 13:51, 2015 GMT
What is Cross-Site Request Forgery (CSRF)? More importantly, how can your business take action against it? Here's everything you need to know about this threat, its potential impact and your best defense. Cross-Site Basics CSRF attacks are listed among the OWASP Top 10, but they are often overlooked in favor of Cr oss-Site Scripting (XSS) vulnerabilities, advanced malware or inherent software flaws that make headline news. But cross-site forgery problems can be just as devastating if they're not quickly identified and defeated. At their most basic level, CSRF attacks force end users to execute actions in an authenticated web application without their knowledge. These attacks focus on state-changing requests — such as transferring funds or changing an account's linked e-mail address — rather than theft of data. Here's how it works: Users log into secure web applications and then visit other sites, outside their local perimeters, which host CSRF attack code. This code forges a request for the authenticated site using the victim's authenticated credentials, and the authenticated site has no way to know the difference. For example, if a user is legitimately logged into and opens a browser window for , a Cross-Site Scripting attack could be configured to transfer money out of his or her bank account. All it takes is one click on a hidden IFrame or a malicious e-mail link. And since the victim's browser has no way of knowing the difference between legitimate and CSRF requests, users are often unaware they've been compromised. What's more, banks and other secure web services often resist classifying this as fraud, since the request originated from the user's secure session. The threat is even more worrisome if you're using an administrator account, since CSRF attacks can compromise every aspect of an authenticated web app. A Growing Problem As noted by Threat Post, cross-site forgery attacks are now cropping up in the WSO2 Identity Server — which could give attackers the ability to add arbitrary users to the server. E&T adds United Airlines is now offering a bug bounty program that pays out for finding CSRF vulnerabilities. While they're classified as "low severity" along with XSS and third-party problems, they still pay 50,000 air miles if discovered. So how do companies defend against this growing threat? OWASP lists several defenses that do not work, such as using secret cookies or designing apps to only accept POST requests. Secret cookies are submitted with every request, even when forged, while tricking victims into submitting forged POST requests demands nothing more than a hosted form containing myriad hidden fields. An effective way to handle CSRF threats is the use of unpredictable challenge tokens , which are included per user per session; the technique is even more effective if tokens are submitted with each request. This could take the form of one-time code that must be submitted with each request, or a CAPTCHA challenge that would alert users if requests were submitted without their knowledge. While these tokens may impact the simplicity of user experience, they represent one of the most effective ways to stop CSRF attacks from stealing money or grabbing log-in credentials by redirecting e-mails. Bottom line: The number of Cross-Site Request Forgery attacks is growing as users become more inclined to leverage secure web applications while browsing the Internet at large. Combined with phishing lures and seemingly legitimate websites that host CSRF code, it's possible for almost any user — from frontline employee to administrator — to fall victim. By designing for web security from the ground up, however, and opting for challenge tokens or a similar defense, companies can make sure any forgeries are quickly uncovered. Want more information about active threat modeling for web- and cloud-based threats? Start here . Photo Source: BigStock
Threat Profile: Cross-Site Request Forgery

Serfs up!
-- Spartacus
Some well-known public proxy

Wed Jul 1 06:39:51 2015 GMT full dump

RSS more, more, howto
port vs. protocol legend:
plus (+) sign, port 1080 SOCKS
minus (-) signCONNECT
no signHTTP

Wed Jul 1 05:34:43 2015 GMT raw dump

RSS more
Type URL for anonymous surf via random CGI proxy
increase anonymity by chaining CGI proxy:

E-mail Facebook VKontakte Google Digg BlinkList NewsVine Reddit YahooMyWeb LiveJournal Blogmarks TwitThis Live
[Privacy Policy]