Revisiting XSS Sanitization Ashar Javed Chair for Network and Data Security Horst G¨ ortz Institute for IT-Security, Ruhr-University Bochum

Source URL: www.blackhat.com

• Software
• Computing
• Hacking
• Cross-site scripting
• Froala Editor
• HTML editor
• TinyMCE
• Online rich-text editor
• WYSIWYG
• CKEditor
• JavaScript
• Content Security Policy

Protecting Browsers from DNS Rebinding Attacks Collin Jackson Adam Barth Andrew Bortz

Source URL: www.abortz.net

• Computing
• Software
• Computer security
• Internet security
• Computer network security
• Internet privacy
• Domain name system
• DNS rebinding
• Cyberwarfare
• NoScript
• Proxy server
• Cross-site scripting

Blackbox Reversing of XSS Filters Alexander Sotirov Introduction

Source URL: www.trailofbits.com

• Computer security
• Computing
• Software engineering
• Hacking
• Cross-site scripting
• Computer worms
• Hypertext Transfer Protocol
• Cross-platform software
• JavaScript
• Samy
• Same-origin policy
• HTTP cookie

Protecting Browser State from Web Privacy Attacks Collin Jackson Andrew Bortz Stanford University

Source URL: www.abortz.net

• Internet privacy
• Web browsers
• Computer network security
• Computer access control
• HTTP cookie
• Hypertext Transfer Protocol
• Browser sniffing
• Cross-site scripting
• World Wide Web
• P3P
• Same-origin policy
• Internet Explorer

WebShield: Enabling Various Web Defense Techniques without Client Side Modifications Zhichun Li§ Tang Yi† Yinzhi Cao‡ Vaibhav Rastogi‡ Yan Chen‡ Bin Liu† Clint Sbisa‡ § NEC Laboratories America ‡ Northwes

Source URL: www.cs.northwestern.edu

• Computing
• Software engineering
• HTML
• Web development
• JavaScript
• Ajax
• Hacking
• Document Object Model
• JSON
• Dynamic web page
• Dynamic HTML
• Cross-site scripting

Reporting Status of Vulnerability-related Information about Software Products and Websites - 3rd Quarter ofJuly – September) - Information-technology Promotion Agency, Japan (IPA) and Japan Computer Emergency Re

Source URL: www.ipa.go.jp

• Computer security
• Cyberwarfare
• Computing
• Hacking
• Computer network security
• Software testing
• Vulnerability
• CERT Coordination Center
• Cross-site scripting
• SQL injection
• CVSS
• Benjamin Kunz Mejri

Dagstuhl SeminarWeb Application Security 29.03. – Executive Summary Dan Boneh1 , Ulfar Erlingsson2 , Martin Johns3 and Benjamin Livshits4 1

Source URL: drops.dagstuhl.de

• Computing
• Software engineering
• Software
• Web development
• Functional languages
• Web programming
• Hacking
• Web applications
• JavaScript
• Opa
• Cross-site scripting
• Cross-site request forgery

Server-Side Template Injection: RCE for the modern webapp James Kettle - - @albinowax Abstract Template engines are widely used by web applications to present dynamic data via web pages and e

Source URL: portswigger.net

• Computing
• Software
• Template engines
• Scripting languages
• SQL
• Java enterprise platform
• Cross-site scripting
• Hacking
• Web template system
• FreeMarker
• Apache Velocity
• SQL injection

Cross Site Scripting Explained Amit Klein, Sanctum Security Group June 2002 ¤2002 Sanctum Inc.

Source URL: inst.eecs.berkeley.edu

Website Security Statistics Report 2015 About This Report WhiteHat Security’s Website Security Statistics

Source URL: info.whitehatsec.com

• Cyberwarfare
• Computer security
• Computing
• Computer network security
• Hacking
• Software testing
• Software bugs
• Vulnerability
• Heartbleed
• Zero-day
• Cross-site scripting
• Security testing