Modern Web Application Penetration Testing Part 1, XSS and XSRF Together

Wednesday, 23 Oct 2019 3:30PM EDT (23 Oct 2019 19:30 UTC)
Speaker: Adrien de Beaupre

A section from SEC642 Advanced Web Application Penetration Testing! We will discuss how Cross Site Scripting and Cross Site Request Forgery can be used together in modern attacks. There will be a live demo!

Login to Register

Related Content

Purple Team, Penetration Testing and Ethical Hacking

Shifting from Penetration Testing to Red Team and Purple Team

Penetration Testing to Red Team is mentality. Red Team is "the practice of looking at a problem or situation from the perspective of an adversary".

Jorge Orchilles

Digital Forensics and Incident Response, Cybersecurity and IT Essentials, Industrial Control Systems Security, Purple Team, Open-Source Intelligence (OSINT), Penetration Testing and Ethical Hacking, Cyber Defense, Cloud Security, Security Management, Legal, and Audit

December 8, 2021

Good News: SANS Virtual Summits Will Remain FREE for the Community in 2022

They’re virtual. They’re global. They’re free.

Penetration Testing and Ethical Hacking, Cyber Defense

December 10, 2019

EQL Threat Hunting

The Event Query Language (EQL) is a standardized query language (similar to SQL) to evaluate Windows events. Written by Russ Wolf, EQL is an amazing tool to normalize Windows log events for consistent access and query. In practice, EQL is most effective when working with Windows Event Log and...