http://resources.infosecinstitute.com
Cross-site scripting (XSS) is one of the most dangerous and most
often found vulnerabilities related to web applications. Security
researchers have found this vulnerability in most of the popular
websites, including Google, Facebook, Amazon, PayPal, and many others.
If you look at the bug bounty program closely, most of the reported
issues belong to XSS. To prevent cross-site scripting, browsers also
have their own filters, but security researchers always find ways to
bypass those filters. This vulnerability is generally used to perform
cookie stealing, malware spreading, session hijacking, and malicious
redirection. In this attack, the attacker injects malicious JavaScript
code into the website so that the browser executes the script and
performs action as commanded by the attacker in the script. The
vulnerability is easy to find but hard to patch. This is why it can be
found in any website if you try.
In this post, we will see what a cross-site scripting attack is and
how to create a filter to prevent it. We will also see few open source
libraries that will help you in patching Cross-site Script vulnerability
in your web application.
=> Read More
Thursday, October 10, 2013
Subscribe to:
Post Comments (Atom)
Thanks a lot for sharing such a detailed Website with more knowledge.I want to learn Cyber Security and Malware Analysis.So What are some good, free resources to learn?
ReplyDelete