Loading Events

« All Events

  • This event has passed.

Blind XSS: The ticking time bomb of XSS attack | Knowledge Sharing Session

March 24 @ 6:00 pm - 7:00 pm

Free

“Blind XSS: The ticking time bomb of XSS attack” talk by Vishal Singh our Cyber Security Analyst.

Description

Blind XSS is a special type of persistent/stored XSS, where an attackers input is saved into the database and executed in another part of the application or in a totally different application when reviewed by an admin/team members. Nowadays, lots of websites use different features which directly interact with the backend team/admin for approval, it might be chances of user input invalidation at the same place. And this can lead to creating a permanent admin backdoor. Simply, a Blind XSS attack can be used as gaining the Admin privilege by hijacking the authenticated session cookie values. It is the most dangerous XSS attack among all.

What audience can learn from this talk?

How to test it, where to spray/inject the payload, which tool to use, and mitigate Blind XSS vulnerability.

Details

Date:
March 24
Time:
6:00 pm - 7:00 pm
Cost:
Free
Event Category:
View Event Website

Venue

CloudSEK
HAL 2nd Stage, Indiranagar
Bengaluru, Karnataka 560038 India

Organizer

CloudSEK
Email:
info@cloudsek.com
View Organizer Website