viernes, 7 de junio de 2013

XSS desde cero [Completo]

 


1.- Introducción
 
2.- Tipos de Ataques
- Reflected Cross Site Scripting (XSS Reflejado)
- Stored Cross Site Scripting (XSS Persistente)
- DOM Cross Site Scripting (DOM XSS)
- Cross Site Flashing (XSF)
- Cross Site Request/Reference Forgery (CSRF)
- Cross Frame Scripting (XFS)
- Cross Zone Scripting (XZS)
- Cross Agent Scripting (XAS)
- Cross Referer Scripting (XRS)
- Denial of Service (XSSDoS)
- Flash! Attack
- Induced XSS
- Image Scripting
- anti-DNS Pinning
- IMAP3 XSS
- MHTML XSS
- Expect Vulnerability
 
3.- Evitando Filtros
 
4.-PoC examples
- Bypassing filters
- Data Control PoC
- Frame Jacking PoC
 
5.- Técnicas de ataque
+ Classic XSS - Robando “cookies”
+ XSS Proxy
+ XSS Shell
+ Ajax Exploitation
+ XSS Virus / Worms
+ Router jacking
+ WAN Browser hijacking
- DNS cache poison
- XSS Injected code on server
- Practical Browser Hijacking
 
6.- XSS Cheats
-Fuzz Vectors
 
7.-Screenshots>
 
8.-Herramientas
 
9.-Links
 
10.-Bibliografía
 
11.-Licencia de uso
 
12.-Autor

0 comentarios:

Publicar un comentario