Results 81 to 90 of about 2,773 (206)

Технологія тестування DOM XSS уразливості

open access: yes, 2017
The paper presents research results and vulnerability testing algorithms for one of the most common types of attacks on Web-based applications - cross site scripting - XSS (Cross Site Scripting) - DOM XSS.
Коваленко, Александр Владимирович   +1 more
core   +1 more source

A dynamic detection method based on Web crawler and page code behavior for XSS vulnerability

open access: yesDianxin kexue, 2016
XSS vulnerability is a common vulnerability of attacking the Web application and getting the user’s privacy data.Traditional XSS vulnerability detection’s softwares aren’t specially detecting for AJAX Web application.There is a huge disparity in the ...
Yi LIU, Junbin HONG
doaj   +2 more sources

XSS PEEKER: Dissecting the XSS Exploitation Techniques and Fuzzing Mechanisms of Blackbox Web Application Scanners [PDF]

open access: yes, 2016
Black-box vulnerability scanners can miss a non-negligible portion of vulnerabilities. This is true even for cross-site scripting (XSS) vulnerabilities, which are relatively simple to spot. In this paper, we focus on this vulnerability class, and systematically explore 6 black-box scanners to uncover how they detect XSS vulnerabilities, and obtain ...
Bazzoli, Enrico   +3 more
openaire   +2 more sources

An XML based XSS PoC platform

open access: yes, 2008
Usually when one wast to illustrate an XSS vulnerability there are two approaches. The first is to show the client the XSS and assume that they know and understand the impact. The second is to write a fully fledged exploit which takes some form of action
Eve, Martin Paul
core  

Bypass ASP.NET XSS Protection in Internet Explorer

open access: yes, 2007
ASP.NET comes preloaded with some default XSS protection which is actually pretty nifty. However, it turns out that the system can be circumvented by a variety of methods, as illustrated by this test ...
Eve, Martin Paul
core  

Katsaus XSS-haavoittuvuuksiin [PDF]

open access: yes, 2020
XSS-haavoittuvuudet ovat yksi yleisimmistä tietoturvariskeistä. Ne ovat verkkosovellusten haavoittuvuuksia, jotka usein perustuvat tietoturvan laiminlyöntiin sovelluksen kehittämisvaiheessa.
Kangasmäki, Patric
core  

.NETIDS can now detect fragmented XSS

open access: yes, 2007
Today I made some large commits to the .NETIDS project to enable detection of fragmented XSS ...
Eve, Martin Paul
core  

Finding DOM-based XSS vulnerabilities via forced execution

open access: yes, 2022
학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2022.2,[iii, 22 p. :]사이트 간 스크립팅(Cross-site Scrpting, XSS) 취약점은 공격자가 임의의 자바스크립트 코드를 피해자의 브라우저에서 실행되도록 삽입하는 취약점이다. 동시에 아직까지도 웹 애플리케이션 공격에 가장 많이 쓰이는 취약점 중 하나이다. DOM-based XSS 취약점은 클라이언트의 자바스크립트(JavaScript)가 실행되는 과정에서 임의의 자바스크립트
이다훈
core  

(C)SRF one-time token bypass using AJAX and XSS

open access: yes, 2007
This morning I knocked up some proof of concept code to illustrate the retrieval of one-time authentication tokens. The situation in which this is handy is when a site follows best practices and implements a one-time authentication token, but is ...
Eve, Martin Paul
core  

Nové přístupy k automatické detekci XSS chyb

open access: yes, 2020
Cross-site scripting (XSS) flaws are a class of security flaws particular to web applications. XSS flaws generally allow an attacker to supply affected web application with a malicious input that is then included in an output page without being properly ...
Steinhauser, Antonín
core  

Home - About - Disclaimer - Privacy