Monday, 23 June 2008

In this tutorial paper, Gerasimos describes in full detail how to perform  an XSS filter invasion and run his JavaScript key logger in order to steal user names, passwords and user credentials.

Monday, 23 June 2008

In this tutorial paper, Gerasimos Kassaras provides useful insight into how to defend against cross-site scripting with .NET.

Thursday, 19 June 2008

An interesting paper on how to use various obfuscations for XSS filter evations to inject JavaScript code.

Thursday, 19 June 2008

This text lists useful Firefox add-ons to use for website vulnerability assessments.

Tuesday, 3 June 2008

This  paper was written back in 2003 and includes a very good description of what cross-site scripting is, methods of injection and filtering and a section titled "Inside the mind, mental walk along of a XSS hack".

Tuesday, 29 April 2008

Russ's latest toolsmith column for ISSA Journal is a very interesting read about cross-site scripting.

1 2 3 4