This link has been bookmarked by 876 people . It was first bookmarked on 17 Jun 2006, by Jon Phipps.
-
30 Aug 16
-
18 Jan 16
-
03 Aug 15
-
09 Oct 13
-
16 Aug 12
-
04 Aug 12
-
31 Jul 12
-
19 Jul 12
-
17 Jul 12
-
15 Jul 12
-
22 Jun 12
-
21 Jun 12
-
05 Jun 12
-
21 May 12
-
18 May 12
-
10 May 12
-
09 May 12
-
16 Apr 12
-
05 Apr 12
-
28 Mar 12
-
19 Mar 12
-
16 Mar 12
-
15 Mar 12
Karsten Froehlich"Note from the author: XSS is Cross Site Scripting. If you don't know how XSS (Cross Site Scripting) works, this page probably won't help you. This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion. This page will also not show you how to mitigate XSS vectors or how to write the actual cookie/credential stealing/replay/session riding portion of the attack. It will simply show the underlying methodology and you can infer the rest. Also, please note my XSS page has been replicated by the OWASP 2.0 Guide in the Appendix section with my permission. However, because this is a living document I suggest you continue to use this site to stay up to date. "
-
05 Mar 12
-
01 Mar 12
-
20 Feb 12
-
14 Feb 12
-
13 Feb 12
-
27 Jan 12
-
20 Jan 12
-
19 Jan 12
-
03 Jan 12
-
19 Dec 11
-
13 Dec 11
-
05 Dec 11
-
21 Nov 11
-
14 Nov 11
-
10 Nov 11
-
08 Nov 11
-
29 Oct 11
-
27 Oct 11
-
18 Oct 11
-
17 Oct 11
-
14 Oct 11
Denis SchollerThis page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion
-
12 Oct 11
-
11 Oct 11
-
28 Sep 11
-
27 Sep 11
-
03 Sep 11
-
25 Aug 11
-
03 Aug 11
-
20 Jul 11
-
28 Jun 11
-
26 Jun 11
-
05 Jun 11
-
25 May 11
-
19 May 11
-
09 May 11
-
07 May 11
-
17 Apr 11
-
14 Apr 11
-
11 Apr 11
-
10 Apr 11
-
09 Apr 11
-
08 Apr 11
-
06 Apr 11
-
24 Mar 11
-
20 Mar 11
-
06 Mar 11
-
04 Mar 11
-
03 Mar 11
-
02 Mar 11
-
23 Feb 11
-
13 Feb 11
-
07 Feb 11
-
02 Feb 11
-
27 Jan 11
-
21 Jan 11
-
19 Jan 11
-
12 Jan 11
-
31 Dec 10
-
28 Dec 10
-
21 Dec 10
-
15 Dec 10
-
10 Dec 10
-
07 Dec 10
nake
Detecting Malice Fraud Loss eBookNote from the author: XSS is Cross Site
Scripting. If you don't know how XSS (Cross Site Scripting) works, this
page probably won't help you. This page is for people who already
understand the basics of XSS attacksecurity hacking reference cheatsheet web programming webdev javascript delicious
-
05 Dec 10
-
01 Dec 10
-
26 Nov 10
-
25 Nov 10
-
24 Nov 10
-
13 Nov 10
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.