Published on August 3rd, 2016


Boston BSides – Advanced XSS Attacks – Casey Dunham and David Bressler

Many developers are becoming increasingly familiar with the OWASP Top 10 Web Application Security Risks and other OWASP projects such as the OWASP Proactive Controls. However, in today's world of advanced client-side JavaScript frameworks, Single Page Applications and multi-tiered RESTful backends, the common vulnerabilities that the OWASP Top 10 highlights are not as easy to find and exploit as they used to be. While these newer frameworks do a great job of increasing the security of the application, they also have their own caveats, and in the real world, where it takes time to refactor existing applications, new vulnerabilities can be introduced. In this presentation we take a look at advanced forms of Cross-Site Scripting (XSS) in the AngularJS framework through improper usage of the AngularJS templating language, and at injection attacks through the Hibernate Query Language (HQL), including breaking the HQL lexer to run arbitrary SQL commands. We also present methods of auditing applications for these issues and preventing these vulnerabilities.

David Bressler is a Managing Consultant at GuidePoint Security within the Application Security Team. He has more than 8 years of broad-based experience managing application penetration testing, source code review, architecture review, network penetration testing, and digital and physical social-engineering assessments. Additionally, he manages a team of Application Security consultants and focuses on team operations, mentoring, and optimizing delivery of assessments, and oversees all assessments his team delivers. Before joining GuidePoint Security, he worked within Boston Children's Hospital's internal security team, where he was the technical lead for the Application Security, Vulnerability Management, and Incident Response programs throughout the hospital.

He has developed numerous open-source security tools and Paterva Maltego open-source intelligence integrations, including NWMaltego, CuckooforCanari, Bitcoin-Explorer, and Nextego. He has also been a speaker at BSides Boston, MassHackers, and RSA's Security Analytics Summit events. He holds the Offensive Security Certified Professional (OSCP) and Microsoft Certified Systems Administrator (MCSA) certifications as well as several CompTIA certifications, including Security+, Network+, and A+.

Casey Dunham is a Security Consultant at GuidePoint Security with 10 years of experience as a full-stack software developer in various industries, managing development projects and building DevOps and security initiatives into the Software Development Lifecycle. Before joining GuidePoint Security, he worked at Bigelow Laboratory for Ocean Sciences, where he supported various research initiatives and the mission of the laboratory from both security and development perspectives. His experience includes conducting source code reviews, application penetration testing, network vulnerability assessments, developer training, and integrating secure software development lifecycles. He is the Chapter President of OWASP Maine, has been a speaker at Security BSides Las Vegas, the OWASP Boston Application Security Conference, and Boston Code Camp, and is a frequent presenter at university security classes. He is also the lead developer of Trident, an open-source phishing framework. He earned a Bachelor of Science in Computer Science from the University of Southern Maine.
