XSS attacks cross-site scripting exploits and defense

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data. Cross Site Scripting Attacks starts by defining the terms and laying out the groundwork. It assumes that the reader is familia...


Bibliographic Details
Other Authors: Grossman, Jeremiah (-)
Format: E-book
Language: English
Published: Burlington, MA : Syngress c2007.
Edition: 1st edition
Subjects:
View in Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627091106719
Table of Contents:
  • Front Cover; XSS Attacks: Cross Site Scripting Exploits and Defense; Copyright Page; Contents; Chapter 1. Cross-site Scripting Fundamentals; Introduction; Web Application Security; XML and AJAX Introduction; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 2. The XSS Discovery Toolkit; Introduction; Burp; Debugging DHTML With Firefox Extensions; Analyzing HTTP Traffic with Firefox Extensions; GreaseMonkey; Hacking with Bookmarklets; Using Technika; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 3. XSS Theory; Introduction; Getting XSS'ed
  • DOM-based XSS In Detail; Redirection; CSRF; Flash, QuickTime, PDF, Oh My; HTTP Response Injection; Source vs. DHTML Reality; Bypassing XSS Length Limitations; XSS Filter Evasion; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 4. XSS Attack Methods; Introduction; History Stealing; Intranet Hacking; XSS Defacements; Summary; Solutions Fast Track; Frequently Asked Questions; References; Chapter 5. Advanced XSS Attack Vectors; Introduction; DNS Pinning; IMAP3; MHTML; Hacking JSON; Summary; Frequently Asked Questions; Chapter 6. XSS Exploited; Introduction
  • XSS vs. Firefox Password Manager; SeXXS Offenders; Equifraked; Owning the Cingular Xpress Mail User; Alternate XSS: Outside the BoXXS; XSS Old School- Windows Mobile PIE 4.2; XSSing Firefox Extensions; XSS Exploitation: Point-Click-Own with EZPhotoSales; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 7. Exploit Frameworks; Introduction; AttackAPI; BeEF; CAL9000; Overview of XSS-Proxy; Summary; Solutions Fast Track; Frequently Asked Questions; Chapter 8. XSS Worms; Introduction; Exponential XSS; XSS Warhol Worm; Linear XSS Worm; Samy Is My Hero; Summary; Solutions Fast Track
  • Frequently Asked Questions; Chapter 9. Preventing XSS Attacks; Introduction; Filtering; Input Encoding; Output Encoding; Web Browser's Security; Summary; Solutions Fast Track; Frequently Asked Questions; Appendix A The Owned List; Index