In his demonstration at 7Safe’s IT Security Knowledge Share Evening, Consultant, Aleksander Gorkowienko showed the audience a real life exploitation scenario of XSS flaw which is one of the vulnerabilities most frequently found during everyday penetration testing. The live demo illustrated how an attacker may exploit Persistent Cross-Site Scripting flaw, steal a user’s cookie then takeover his session and access sensitive information (e.g. bank statements).

Video : > Click <

Leave a Comment

Powered by HaxTor | CopyWrong © 2011