Understanding XSS

Presented at NolaCon 2019, May 17, 2019, 1 p.m. (Unknown duration)

Come learn in depth about the web vulnerability XSS. First we discuss how browsers and web apps work to better understand how it’s possible. Then we will cover the following: how to spot it in the wild, how to exploit it, remediation steps, and impact. How can I inject into your webpage? Come learn how!

Presenters:

• Christina Mitchell
  Christina is an Application Security Engineer at Indeed. She works with the crowdsourced bug hunting platform, and application assessments ranging from 3rd parties and internally developed. She loves to break things and educate.

Links:

• https://nolacon.com/talk/understanding-xss
• https://infocon.org/cons/NolaCon/NolaCon 2019/Understanding XSS Christina Mitchell.mp4

Similar Presentations:

• Black Hat Asia 2015 / Client-Side Protection Against DOM-Based XSS Done Right (tm)
• Black Hat USA 2014 / Call To Arms: A Tale of the Weaknesses of Current Client-Side XSS Filtering
• LocoMocoSec 2019 / Trusted types & the end of DOM XSS