Description: "Cross Site Scripting is one of the most difficult issues to fix since it involves several contexts on different platforms. And it is well known. With the advent of complex web application with heavy client side programming, DOM based Cross Site Scripting is becoming more and more interesting in the application security field. The difference between vanilla Xss and the latter is how hard is to find issues among thousands of JavaScript lines of code, and how contexts and attacks move from classical HTML format and client side execution to programming logic and paradigms. This talk will try to fill the emptiness of awareness about DOM Xss by showing new attacks, new analysis techniques and a new tool that is going to ease the pain of finding DOM based Cross Site Scripting issues."
Slides: http://media.hacking-lab.com/scs3/scs3_pdf/SCS3_2011_Di_Paola.pdf
Tags: securitytube , swisscyberstorm , hacking , hackers , information security , convention , computer security , cyber storm 11 , swisscyberstorm 11 , swisscyberstorm-2011 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.