Cross Site Scripting Explained | What Is Cross Site Scripting Attack? | Simplilearn

In today's presentation on cross site scripting explained, we explain what a cross site scripting attack is and why it is considered one of the riskiest web attacks in the world. From its basic explanation to its working, categories and preventive measures, our lesson is all that one needs to learn about cross site scripting. We have a live demonstration at the end of our lesson where we solve 6 levels of cross site scripting challenges while following methodologies of an ethical hacker. The topics covered in this slide are:

Simplilearn

Presentation Transcript


  1. What Are We Learning Today? • What Is Cross-Site Scripting? • Working of Cross-Site Scripting • Categories of Attacks • Preventive Measures • Live Demonstration

  2. What Is Cross-Site Scripting?

  3. Click here to watch the video

  4. What Is Cross-Site Scripting? • Malicious code execution, run on victim’s browser • Steals user cookies, data and private information stored in the browser • Mostly performed using JavaScript and HTML, among other client-side languages • Can be simple media being displayed or harmful malware being installed

  5. Working of Cross-Site Scripting

  6. Working of Cross-Site Scripting [Diagram labels: Server, Website, Hacker, Victim]

  7. Categories of Attacks

  8. Categories of Attacks • Reflective XSS – Harmful script is not saved on servers • Persistent XSS – Malicious code and script is saved on the servers • DOM Based XSS – Modifies Document Object Model of the website

  9. Preventive Measures

  10. Preventive Measures • Third-party frameworks like Acunetix • Sanitize & validate input/HTML code • Escape rules for URLs • Encode JavaScript • Implement CSP • Using HttpOnly flag

  11. Live Demonstration
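
Several of the preventive measures on slide 10 (output encoding, URL rules, CSP, the HttpOnly flag) applied to a reflected search term. This is an added example, not code from the original presentation. The function names and the sample inputs are hypothetical and constructed for illustration.

```javascript
// Added example: output encoding, URL validation, CSP and an HttpOnly cookie.
// All names here (escapeHtml, safeHref, renderSearchPage) are hypothetical.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode untrusted text for an HTML body or quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Accept only absolute http(s) URLs for href/src; anything else becomes "#".
function safeHref(value) {
  try {
    const url = new URL(String(value));
    return url.protocol === 'http:' || url.protocol === 'https:' ? url.href : '#';
  } catch {
    return '#'; // relative or unparsable input is rejected in this sketch
  }
}

// Response headers: a CSP that allows no inline script, and a session
// cookie that page scripts cannot read through document.cookie.
function securityHeaders(sessionId) {
  return {
    'Content-Type': 'text/html; charset=utf-8',
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
    'Set-Cookie': `session=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Lax; Path=/`,
  };
}

// Reflect a search term and a user-supplied link without letting either become markup.
function renderSearchPage(query, link) {
  return [
    '<!doctype html><meta charset="utf-8"><title>Search</title>',
    `<p>Results for: ${escapeHtml(query)}</p>`,
    `<a href="${escapeHtml(safeHref(link))}">your link</a>`,
  ].join('\n');
}

// Constructed sample input, for illustration only.
const page = renderSearchPage('<script>alert(1)</script>', 'javascript:alert(1)');
console.log(securityHeaders('abc123'));
console.log(page);
```

Encoding is context-specific: `escapeHtml` covers HTML text and quoted attributes only, so values placed inside script blocks or CSS need their own encoders.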
