Be Afraid. Be Very Afraid. Javascript security, XSS & CSRF

A walk through real-world web site vulnerabilities - Mark shows step by step how vulnerable web sites can be exploited to trigger annoying pop up windows to more sinister attacks involving session stealing and rewriting page content. Learn how to test for and protect against these increasingly common attacks.

  • Difficulty: General
  • Prerequisites: Web development experience.
  • Session Track: Javascript,Safe for Managers

Session Detail

"Criminals are going to do away with phishing ... People are not going to fall for them anymore." The favoured approach is now "drive-by downloads": injecting malicious code into popular web sites in order to infect users. Lifehacker.com.au

Speakers

Mark Stanton (Sydney, Australia)

Mark Stanton is a specialist in Internet systems design and development. Mark has a passion for many aspects of the web from usability & information architecture, to HTML, CSS and JavaScript, through to software design & development and languages such as ColdFusion, Java, ASP, PHP, Ruby and Python. More...