http://labs.portcullis.co.uk Labs Portcullis updates. en Labs portcullis Tue, 22 Feb 2011 11:21:24 GMT http://backend.userland.com/rss 60 hhttp://labs.portcullis.co.uk/mg/logo.gif http://labs.portcullis.co.uk Wed, 02 Apr 2008 16:23:40 GMT http://labs.portcullis.co.uk/application/how-to-detect-and-exploit-99-of-xss-vulnerabilities/ <p>This presentation has given in Intercon 2007 (Portcullis's internal conference), Talks about exploiting and identifying most common XSS vulnerabilities in real world. </p> <p>Examples include following types,</p> <ul> <li>Classic XSS Vulnerabilities</li> <li>In HTML Attributes</li> <li>In Comments</li> <li>In Javascript Blocks</li> <li>DOM Based XSS</li> <li>Flash Based XSS</li> <li>Direct Linking</li> </ul> <p>Presentation was heavily based on demonstration, so you need to fill in the blanks.</p>