Loading...

libinjection: from sqli to xss - Nick Galbreath

864 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Feb 3, 2014

libinjection was introduced at Black Hat USA 2012 to quickly and accurately detect SQLi attacks from user inputs. Two years later the algorithm has been used by a number of open-source and proprietary WAFs and honeypots. This talk will introduce a new algorithm for detecting XSS attacks. Like the SQLi libinjection algorithm, this does not use regular expressions, is very fast, and has a low false positive rate. Also like the original libinjection algorithm, this is available on GitHub with free license. We'll discuss the current state of libinjection SQLi, how SQLi and XSS differ semantically from an defenders point of view, how the libinjection algorithm works, the current results and availability.

-

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...