XSS Attacks: Cross Site Scripting Exploits and Defense

Name: XSS Attacks: Cross Site Scripting Exploits and Defense
Rating: 4 (2 reviews)

ISBN-10: 0080553400
ISBN-13: 9780080553405
Category: Computers
Pages: 480
Language: English
Published: 2011-04-18
Publisher: Elsevier
Authors: Seth Fogie, Jeremiah Grossman, Robert Hansen

Description

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data. XSS Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers. XSS Vulnerabilities exist in 8 out of 10 Web sites The authors of this book are the undisputed industry leading authorities Contains independent, bleeding edge research, code listings and exploits that can not be found anywhere else

Get the book

Other editions

XSS Attacks: Cross Site Scripting Exploits and Defense
- 2007-05-23
- 480 pages
- Paperback
- Syngress

Similar books

Cross-Site Scripting Attacks: Classification, Attack, and Countermeasures
By B. B. Gupta, Pooja Chaudhary
This book provides a detailed overview of the XSS attack; its classification, recent incidences on various web applications, and impacts of the XSS attack on the target victim.
Web Security: A WhiteHat Perspective
By Hanqing Wu, Liz Zhao
Proxy Hunter is a common tool for searching the proxy server (Figure 13.3). AccessDiver has been automated to achieve this attack by changing the IP address, and it can import the proxy server's addresses in bulk, and then crack the ...
Cross-Site Scripting Attacks: Classification, Attack, and Countermeasures
By B. B. Gupta, Pooja Chaudhary
Mainly, the user can submit some form of data to the web site through many ways such as using form submission and message posting, or through advance methods like JSON, AJAX, XML, etc. As this is an untrusted information entered by the ...
Spring 5.0 Cookbook: Recipes to build, test, and run Spring applications efficiently
By Sherwin John Calleja Tragura
Over 100 hands-on recipes to build web applications easily and efficiently IN Spring 5.0 About This Book Solve real-world problems using the latest features of the Spring framework like Reactive Streams and the Functional Web Framework.
Oracle JET for Developers: Implement client-side JavaScript efficiently for enterprise Oracle applications
By Raja Malleswara Rao Pattamsetti
Style and approach This book will have a practical step by step approach where every step of application development will be explained in detail with code samples.
Case Studies of Award-Winning XSS Attacks: Part 2
By Dawid Czagan
If you've already caught up with Case Studies of Award-Winning XSS Attacks: Part 1, get ready to build on your knowledge with the second course in this series - Case Studies of Award-Winning XSS Attacks: Part 2.
Detection of Intrusions and Malware, and Vulnerability Assessment: 5th International Conference, DIMVA 2008, Paris, France, July 10-11, 2008, Proceedings
By Diego Zamboni
This book constitutes the refereed proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2008, held in Paris, France in July 2008.
Effective Python Penetration Testing
By Rejah Rehim
Pen test your system like a pro and overcome vulnerabilities by leveraging Python scripts, libraries, and tools About This Book Learn to utilize your Python scripting skills to pentest a computer system, network, and web-application Get ...
Seven Deadliest Web Application Attacks
By Mike Shema
This book pinpoints the most dangerous hacks and exploits specific to web applications, laying out the anatomy of these attacks including how to make your system more secure.
Instant Messaging and Cross Site Scripting (XSS)
By Katharina Kurek
Cross-Site Scripting, better known as XSS, is the most far spread web application security issue. ... deface web sites, insert hostile content, conduct phishing attacks, and take over the user's browser using scripting malware.