XSS & PHP: A Happily Married Couple

This hands-on training is designed for students who are interested in XSS and PHP, security-unaware developers who wish to secure their applications against XSS and at the same time pen-testers who want to find XSSes in an elite applications. I will share some stories of  finding XSSes in top sites or how I start looking at the web application for XSSes.

During training, attendees will  first learn a “systematic, easy to grasp, context-aware attack methodology” and then apply attack methodology on 30+ test-beds. First test is on the PHP-based wordpress website about super plus size compression stockings at https://comprogear.com/super-plus-size-compression-stockings/. Can you find the security vulnerabilities on this website? For example, the attack methodology related to a URL context is a four step process. What are these four-steps? Why only four-steps? What one can conclude after applying these four-steps?

Price: 650.- CHF

TRAINER: Ashar Javed

This entry was posted in ASFWS 2014, Trainings. Bookmark the permalink.

One Response to XSS & PHP: A Happily Married Couple

  1. Pingback: - BUSINESS COMMANDO

Comments are closed.