xss   6522

Who Left Open The Cookie Jar?
Complexity of the attack surface makes for exploitable bugs.
Good reading of what kinds of things can happen.
browser  security  tracking  cookies  xss 
yesterday by drmeme
cure53/DOMPurify: DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
xss  dom  sanitizer 
15 days ago by robanderson
Web Application Penetration Testing Tool: Tracy
Tracy is a pentesting tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner. tracy should be used during the mapping-the-application phase of the pentest to identify sources of input and their corresponding outputs. tracy can use this data to intelligently find vulnerable instances of XSS, especially with web applications that use lots of JavaScript.
webapp  pentest  xss 
21 days ago by whip_lash
Implement secure ASP.NET MVC applications
This article discusses various aspects of ASP.NET MVC security and shows some tips to implement these elements in your applications.
security  mvc  asp.net  xss 
6 weeks ago by dvernau
