Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Cross Site Scripting and Phishing
Go to: HSC Trainings
Version française
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o Training courses
o E-learning
o Agenda
o Past events
o Tutorials
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
o HSC Newsletter
o Press review
o Press releases
o Publications
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Cross Site Scripting and Phishing  
> Access to the content HTML Beginning of the presentation
PDF PDF version [2073 KB]
AdobeFlash Adobe Flash version  
> Description Cross Site Scripting and Phishing  
> Context & Dates Talk presented during the Journées d'Informatique Pratique 2005 in Hammamet, Tunisia, on 1 April 2005.
> Author Thomas Seyrat 
> Type [ French - HTML ]  
> Abstract &
Table of content
Attaques de type XSS
Rappel fonctionnement Web
Exemple HTTP
Mécanismes JavaScript
Cross Site Scripting
XSS par « Stockage »
XSS par « Réflexion »
Exploitation - 1
Exploitation - 2
Exploitation - 3
Exploitation - 4
Exploitation - 5
Vol de session par XSS (via printenv)
Solutions de protection - 1
Solutions de protection - 2
Solutions de protection - 3
Solutions de protection - 4
Phishing Subterfuges et social engineering
Phishing : principe
Un exemple : le courrier initial
Suite de l'exemple eBay : le site appât
Exemple plus subtil, plus récent ...
Amazon, suite ....
Les cibles du phishing
Les techniques du phishing
Subterfuges graphiques
Exemple (14/01/2005)
Exemple (12/01/2005)
Autres techniques de phishing
Cross Site et phishing
Cross Site Frames et phishing
Illustration - Suite
Autre exemple (21/12/2004)
Exemple - suite
Exemple - Récapitulatif
Se protéger du phishing
Les perspectives du phishing
Merci de votre attention  
> Related documents
> Copyright © 2005, Hervé Schauer Consultants, all rights reserved.


Last modified on 19 May 2005 at 09:56:39 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants