Don't Trust the DOM - Bypassing XSS Mitigations via Script Gadgets

Don't Trust the DOM - Bypassing XSS Mitigations via Script Gadgets

OWASP Foundation via YouTube Direct link

OWASP Call to arms

22 of 23

22 of 23

OWASP Call to arms

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Don't Trust the DOM - Bypassing XSS Mitigations via Script Gadgets

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 OWASP Agenda
  3. 3 OWASP Cross-Site-Scripting (XSS) primer
  4. 4 OWASP Isn't XSS a solved problem?
  5. 5 OWASP How do mitigations work?
  6. 6 OWASP Modern Applications - Example
  7. 7 OWASP What are Script Gadgets?
  8. 8 OWASP Attacker model
  9. 9 OWASP Methodology
  10. 10 OWASP Bypassing WAFS & XSS filters
  11. 11 OWASP Bypassing HTML sanitizers
  12. 12 OWASP Bypassing Content Security Policy
  13. 13 OWASP Bypassing CSP strict dynamic
  14. 14 OWASP Gadgets in expression parsers
  15. 15 OWASP Empirical Study
  16. 16 OWASP Research Questions
  17. 17 OWASP Script Gadgets in user land code
  18. 18 OWASP Gadgets effectiveness - user land code
  19. 19 OWASP Root Cause Analysis
  20. 20 OWASP Example
  21. 21 OWASP Challenges
  22. 22 OWASP Call to arms
  23. 23 OWASP Summary

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.