smeranda is
16 years ago
in XSS session at #heweb08
latest #17
smeranda says
16 years ago
Inject scripts into browser
smeranda says
16 years ago
in 2006, XSS vulnerabilities made up almost 70%
smeranda says
16 years ago
education has the highest vulnerabilty
立即下載
smeranda says
16 years ago
XSS is usually just the first step in a larger attack
smeranda says
16 years ago
XSS is Platform independent
smeranda says
16 years ago
XSS Can spread much faster than traditional viruses/malware
smeranda says
16 years ago
Vulnerability only exists in the URL
smeranda says
16 years ago
doing an example on nbc.com
smeranda says
16 years ago
Now he is hacking cornell.edu
smeranda says
16 years ago
htmlpurifier.org
smeranda says
16 years ago
php-ids.org
smeranda says
16 years ago
Steps: Input Filtering, Input Validation, Output Encoding
smeranda says
16 years ago
AntiSamy
smeranda says
16 years ago
XSS Me - a firefox extension that checks vulnerabilities in the current page.
smeranda says
16 years ago
every app at Mizzou has to go through an injection/XSS audit before launch.
saltybeagle says
16 years ago
excellent session
george sackett says
16 years ago
scary stuff - where to begin with our own site???
back to top