xss   6480


The Real Danger of

XSS and CSRF are 2 sides of the same coin.

XSS abuses the trust the victim has in the application.
XSS  from twitter_favs
12 days ago by blackthorne
thejameskyle/guarded-string: Prevent accidentally introducing XSS holes with the strings in your app
guarded-string - Prevent accidentally introducing XSS holes with the strings in your app
xss  template  string  javascript 
17 days ago by jimthedev
OWASP Top 10: A Critical Look at the Charts | heise Developer
The development of the OWASP Top 10, a list of security risks, took place in public for the first time at the end of 2017. The changes are impressive, but they also provided material for discussion.
owasp  security  heise  article  german  csrf  xss  authentication  serialization  vulnerabilites 
19 days ago by keimlink
Cross-Site Scripting (XSS) Cheat Sheet | Veracode
Cross-Site Scripting (also known as XSS) is one of the most common application-layer web attacks. XSS vulnerabilities target scripts embedded in a page that are executed on the client-side (in the user’s web browser) rather than on the server-side.
25 days ago by whip_lash
I’m harvesting credit card numbers and passwords from your site. Here’s how.
"If an attacker successfully injects any code at all, it’s pretty much game over"

very entertaining read; hilariously scary!
xss  hack  npm 
5 weeks ago by stijn
