XSS Attacks: Cross Site Scripting Exploits and Defense
- Length: 480 pages
- Edition: 1
- Language: English
- Publisher: Syngress
- Publication Date: 2007-05-15
- ISBN-10: 1597491543
- ISBN-13: 9781597491549
- Sales Rank: #218865
A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.
XSS Attacks starts by defining the terms and laying the groundwork. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that make XSS a valid concern. It then moves into the various types of XSS attacks and how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming victims. The audience is web developers, security practitioners, and managers.
- Front matter: Front Cover; XSS Attacks: Cross Site Scripting Exploits and Defense; Copyright Page; Contents
- Chapter 1. Cross-site Scripting Fundamentals: Introduction; Web Application Security; XML and AJAX Introduction; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 2. The XSS Discovery Toolkit: Introduction; Burp; Debugging DHTML With Firefox Extensions; Analyzing HTTP Traffic with Firefox Extensions; GreaseMonkey; Hacking with Bookmarklets; Using Technika; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 3. XSS Theory: Introduction; Getting XSS'ed; DOM-based XSS In Detail; Redirection; CSRF; Flash, QuickTime, PDF Oh My; HTTP Response Injection; Source vs. DHTML Reality; Bypassing XSS Length Limitations; XSS Filter Evasion; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 4. XSS Attack Methods: Introduction; History Stealing; Intranet Hacking; XSS Defacements; Summary; Solutions Fast Track; Frequently Asked Questions; References
- Chapter 5. Advanced XSS Attack Vectors: Introduction; DNS Pinning; IMAP3; MHTML; Hacking JSON; Summary; Frequently Asked Questions
- Chapter 6. XSS Exploited: Introduction; XSS vs. Firefox Password Manager; SeXXS Offenders; Equifraked; Owning the Cingular Xpress Mail User; Alternate XSS: Outside the BoXXS; XSS Old School - Windows Mobile PIE 4.2; XSSing Firefox Extensions; XSS Exploitation: Point-Click-Own with EZPhotoSales; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 7. Exploit Frameworks: Introduction; AttackAPI; BeEF; CAL9000; Overview of XSS-Proxy; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 8. XSS Worms: Introduction; Exponential XSS; XSS Warhol Worm; Linear XSS Worm; Samy Is My Hero; Summary; Solutions Fast Track; Frequently Asked Questions
- Chapter 9. Preventing XSS Attacks: Introduction; Filtering; Input Encoding; Output Encoding; Web Browser's Security; Summary; Solutions Fast Track; Frequently Asked Questions
- Appendix A. The Owned List
- Index