Research and Development

This presentation has given in Intercon 2007 (Portcullis’s internal conference), Talks about exploiting and identifying most common XSS vulnerabilities in real world.

Examples include following types,

  • Classic XSS Vulnerabilities
  • In HTML Attributes
  • In Comments
  • In Javascript Blocks
  • DOM Based XSS
  • Flash Based XSS
  • Direct Linking

Presentation was heavily based on demonstration, so you need to fill in the blanks.

How-to-Detect-XSS
How-to-Detect-XSS.odp
April 26, 2013
279.6 KiB
MD5 hash: de57eb2e787bb9bf1bf8439c8ab97d56
Details
How-to-Detect-XSS
How-to-Detect-XSS.ppt
April 26, 2013
290.5 KiB
MD5 hash: 554710551ab8a74c7c2d480c795f4273
Details
How-to-Detect-XSS
How-to-Detect-XSS.pdf
April 26, 2013
244.2 KiB
MD5 hash: 9831f023911aa3c9ce7f860453aa2c9b
Details

Request to be added to the Portcullis Labs newsletter

We will email you whenever a new tool, or post is added to the site.

Your Name (required)

Your Email (required)