Overview on Cross Site Scripting Attack, PHPIDS


Kishor Datar, a graduate student and research assistant with ebiquity research lab in UMBC gave a talk on Cross Site Scripting (XSS) attack. He also talked about PHPIDS, an intrusion detection system that can help prevent this attack.

He gave a very good overview on XSS and PHPIDS.

Since all organizations have web presence today, security of the web applications is important. There is a variety of attacks (Cross Site Scripting (XSS), SQL injection, Command Injections, Forced Browsing etc.) that can be launched against web applications which we need to be aware of. In this talk, I will cover Cross Site Scripting. I will also cover a slightly advanced version of XSS, tools you could use to learn more about XSS, tools that you can use to test your web applications for vulnerabilities. I will also briefly talk about PHPIDS, an IDS written in PHP that helps prevent some of these attacks. Later in the talk, I will cover few interesting hacking techniques that have been newly discovered.

You can grab the slides of the talk here.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s