Paper: The XSS Epidemic: Tools for discovery and remediation

Written by Russ McRee, HolisticInfosec.org

Tuesday, 29 April 2008

Russ's latest toolsmith column for ISSA Journal is a very interesting read about cross-site scripting.

Paper: XSS Vulnerabilities in Common Shockwave Flash Files

Written by Rich Cannings, Google Security Team

Friday, 18 April 2008

Technical information about cross-site scripting vulnerabilities in SWF files.

Paper: Defend Against Black Hat SEO: Your Web Host Can Help

Written by Frederick Townes, W3-Edge.com

Friday, 11 April 2008

This great article gives insight into ways to defend against Black Hat SEO and what black hat SEOs can achieve when your website is vulnerable to cross-site scripting.

Paper: How to Fix a XSS Vulnerability in PHP Source Codes

Written by Langy, GoogleBig.com

Friday, 28 March 2008

Langy explains very well how to fix XSS vulnerabilities using htmlentities, htmlspecialchars and stip_tags PHP functions. Plain and simple ways that fix 99% of XSS vulns.

Paper: Cross Site Scripting - Attack and Defense Guide

Written by Xylitol, Xylitol.free.fr

Tuesday, 26 February 2008

An article about the basics of cross-site scripting.

Paper: In-Depth Analysis of Yahoo! Authentication Schemes

Written by SlicK, RSTZone.org

Sunday, 6 January 2008

SlicK from Romanian Security Team, has written a very interesting paper about the way Yahoo! authenticates their users. Provides and in-depth analysis and explanation of Yahoo! cookies. It also includes the PHP code of the "yahoo64" algorithm.

1 2 3 4 5

45884 total xss 14724 special xss 3026 fixed 5328 xss onhold 2933 EW subscribers

Tweets about ""cross site scripting" OR from:xssedcom"