Overview
Explore a comprehensive analysis of client-side protection against DOM-based Cross-Site Scripting (XSS) in this Black Hat conference talk. Delve into the limitations of current browser-based XSS filters, particularly Chrome's XSS Auditor, as the speakers reveal 17 flaws enabling filter bypasses. Learn about a tool for automatically generating XSS attacks that exploit these vulnerabilities. Examine the results of an empirical study testing these attacks against thousands of zero-day XSS vulnerabilities in top websites, demonstrating the inadequacy of existing client-side defenses. Discover an innovative alternative XSS filter design utilizing client-side taint tracking in the JavaScript engine, offering more robust protection against DOM-XSS attacks. Gain valuable insights into improving web application security and safeguarding end-users from this pervasive threat.
Syllabus
Client-Side Protection Against DOM-Based XSS Done Right (tm)
Taught by
Black Hat