asia-15-Johns-Client-Side-Protection-Against-DOM-Based-XSS-Done-Right-(tm)
asia-15-Johns-Client-Side-Protection-Against-DOM-Based-XSS-Done-Right-(tm)
asia-15-Johns-Client-Side-Protection-Against-DOM-Based-XSS-Done-Right-(tm)
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Finding and exploiting <strong>DOM</strong><strong>XSS</strong>vulnerabilities automatically at scale• byte-level taint tracking in Chromium each character in a string has its source informationattached to it• Chrome crawling extension also the interface between taint engine andcentral server• An exploit generator Taint information + HTML/JavaScript syntax rules Generates exploits automatically