HSC - Presentations - Cross Site Scripting and Phishing

Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet

Hervé Schauer Consultants

You are here: Home > Resources > Lectures > Cross Site Scripting and Phishing

Go to: HSC Trainings

			Skills & Expertise
			Consulting
			ISO 27001 services
			Vulnerabilities monitoring
			Audit & Assessment
			Penetration tests
			Vunerability assessment (TSAR)
			Forensics
			ARJEL
			Training courses
			E-learning

			Agenda
			Past events
			Tutorials

			Thematic index
			Tips
			Lectures
			Courses
			Articles
			Tools (download)
			Vulnerability watch

			Hervé Schauer
			Team
			Job opportunities
			Credentials
			History
			Partnerships
			Associations

Press and
communication

			HSC Newsletter
			Press review
			Press releases
			Publications

			How to reach us
			Specific inquiries
			Directions to our office
			Hotels near our office


		Cross Site Scripting and Phishing


	Access to the content		Beginning of the presentation PDF version [2073 KB] Adobe Flash version

	Description		Cross Site Scripting and Phishing

	Context & Dates		Talk presented during the Journées d'Informatique Pratique 2005 in Hammamet, Tunisia, on 1 April 2005.

	Author		Thomas Seyrat

	Type		[ - ]

	Abstract & Table of content		Flyleaf Attaques de type XSS Rappel fonctionnement Web Exemple HTTP Mécanismes JavaScript Cross Site Scripting XSS par « Stockage » XSS par « Réflexion » Exploitation - 1 Exploitation - 2 Exploitation - 3 Exploitation - 4 Exploitation - 5 Vol de session par XSS (via printenv) Solutions de protection - 1 Solutions de protection - 2 Solutions de protection - 3 Solutions de protection - 4 Conclusions Phishing Subterfuges et social engineering Phishing : principe Un exemple : le courrier initial Suite de l'exemple eBay : le site appât Exemple plus subtil, plus récent ... Amazon, suite .... Les cibles du phishing Les techniques du phishing Subterfuges graphiques Exemple (14/01/2005) Exemple (12/01/2005) Exemple Autres techniques de phishing Cross Site et phishing Cross Site Frames et phishing Illustration Illustration - Suite Autre exemple (21/12/2004) Exemple - suite Exemple - Récapitulatif Se protéger du phishing Les perspectives du phishing Merci de votre attention

	Related documents

	Copyright		© 2005, Hervé Schauer Consultants, all rights reserved.

Last modified on 19 May 2005 at 09:56:39 CET - webmaster@hsc.fr
- © 1989-2010 Hervé Schauer Consultants