Inside a Cross-Site Scripting Attack (:: extra ::)

Search

Recommended Reading

Secure Programming with Static Analysis
by Brian Chess and Jacob West
Security Metrics: Replacing Fear, Uncertainty, and Doubt
by Andrew Janquith
Building Secure Software: How to Avoid Security Problems the Right Way
by John Viega and Gary McGraw
IEEE Security & Privacy Magazine
How to Break Software Security
by J. Whittaker and H. Thompson
Security Engineering
by Ross Andersen
Software Security: Building Security In
by Gary McGraw
The Security Development Lifecycle
by Michael Howard and Steve Lipner
The Shellcoder's Handbook: Discovering and Exploiting Security Holes
by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
Writing Secure Code, 2nd ed.
by M. Howard and D. LeBlanc

« Web Vulnerabilities in the Age of the iPhone | Main | Has Online Banking become Safer than Offline Banking? »

Inside a Cross-Site Scripting Attack

A while back I recorded a brief video that demonstrates a cross-site scripting attack against a Java Web application. If you write XSS exploits all day, this won't be for you, but if you spend your days with your nose buried in code and always wanted to see a little more about how the bad guys work, check this out:

Click To Play

Posted by Jacob West on August 7, 2007 1:43 PM | Permalink

Presented By

House Rules

This blog is a place for discussion and feedback, both positive and negative. If you post here, you are agreeing to the following Participation Policy...more

Meet the Bloggers

About

This page contains a single entry from the blog posted on August 7, 2007 1:43 PM.

The previous post in this blog was Web Vulnerabilities in the Age of the iPhone.

The next post in this blog is Has Online Banking become Safer than Offline Banking?.

Many more can be found on the main index page or by looking through the archives.

:: extra ::

A Software Security Information Community