User input piercing for Cross Site Scripting Attacks

The presentation
This paper presents algorithms and techniques for performing user input piercing on a web application. We also introduce an heuristic to determine if a given cross-site scripting attack will effectively execute scripting code on the compromised browser. Besides, an algorithm to detect the need of encoding techniques will be presented.

The speaker
Matias works at Core Security Technologies as WebApps Exploit Writer. He is also a Ms. Student in Computer Science at Buenos Aires University. He enjoys to learn everything about WebApps Security, Interpreted Languages, Graph Theory and Language Theory.