Nytro Posted December 27, 2012 Report Posted December 27, 2012 Hacking With Web Sockets Description: AbstractHTML5 isn't just for watching videos on your iPad. Its features may be the target of a security attack as much as they may be used to improve an attack. Vulnerabilities like XSS have been around since the web's beginning, but exploiting them has become increasingly sophisticated.HTML5 features like WebSockets are part of the framework for controlling browsers compromised by XSS.This presentation provides an overview of WebSockets: How they might increase the attack surface of a web site, their implications for privacy, and the potential security problems with protocols tunneled over them. Then it demonstrates how WebSockets can be used as an effective part of a hacking framework.It closes with recommendations for deploying WebSockets securely, applying security principles to web app design, and providing a tool for exploring WebSockets security.*****Speaker: Vaagn Toukharian - Senior Software Engineer, QualysSenior Software Engineer for Qualys's Web Application Scanner. | Was involved with security industry since 1999. | Experience includes work on Certification Authority systems, encryption devices, large CAD systems, Web scanners. | Outside of work interests include IronMan triathlons and photography. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Hacking with Web Sockets - Vaagn Toukharian on VimeoSursa: Hacking With Web Sockets Quote
