Post:

<div>
                    <span style="font-size:14px;">Advanced Ajax Security</span><br/>
                    From: <a href="http://www.slideshare.net/amiable_indian/">amiable_indian</a>, 6 months ago<br /><br />
                    <div style="width:425px;text-align:left" id="__ss_329890"><a style="font:14px Helvetica,Arial,Sans-serif;display:block;margin:12px 0 3px 0;text-decoration:underline;" href="http://www.slideshare.net/amiable_indian/advanced-ajax-security?type=powerpoint" title="Advanced Ajax Security">Advanced Ajax Security</a><object style="margin:0px" width="425" height="355"><param name="movie" value="http://static.slideshare.net/swf/ssplayer2.swf?doc=advanced-ajax-security-4653&stripped_title=advanced-ajax-security" /><param name="allowFullScreen" value="true"/><param name="allowScriptAccess" value="always"/><embed src="http://static.slideshare.net/swf/ssplayer2.swf?doc=advanced-ajax-security-4653&stripped_title=advanced-ajax-security" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="355"></embed></object><div style="font-size:11px;font-family:tahoma,arial;height:26px;padding-top:2px;">View SlideShare <a style="text-decoration:underline;" href="http://www.slideshare.net/amiable_indian/advanced-ajax-security?type=powerpoint" title="View Advanced Ajax Security on SlideShare">presentation</a> or <a style="text-decoration:underline;" href="http://www.slideshare.net/upload?type=powerpoint">Upload</a> your own. (tags: <a style="text-decoration:underline;" href="http://slideshare.net/tag/security">security</a> <a style="text-decoration:underline;" href="http://slideshare.net/tag/ajax">ajax</a>)</div></div><br /><br />
                    Advanced Ajax Security<br /><br />
                    <a href="http://www.slideshare.net/amiable_indian/advanced-ajax-security">SlideShare Link</a>
                </div>

All Comments(0)
Comments
Notes on Slide 1

« Prev Next »

All comments

Add a comment on Slide 1

If you have a SlideShare account, login to comment; else you can comment as a guest

Favorites & Groups

Showing 1-50 of 3 (more)

Advanced Ajax Security

From amiable_indian, 6 months ago

712 views | 0 comments | 3 favorites | 28 downloads | 3 embeds (Stats)

Favorite

+ Group / Event

Download file

Groups / Events

Embed
options

Flash and AJAX
34960 views

AJAX
11832 views

Ajax Development With Dreamweaver
3379 views

REST and AJAX Reconciled
3775 views

Designing For Ajax
32181 views

Pascarello_Investigating JavaScript and Ajax Security

Pascarello_Investigating JavaScript an...
5835 views

Naked Security
10140 views

How to make Ajax work for you
21176 views

More Info

This slideshow is Public

Total Views: 712
on Slideshare: 679
from embeds: 33

Most viewed embeds:

23 views: http://www.secguru.com

9 views: http://www.vigilia.org

1 view : http://www.blogger.com

Flag as inappropriate

Slideshow transcript

Slide 1:Ad v a n c e d A ja x S e c u r it y Billy Hoffman (billy.hoffman@hp.com) Manager, HP Security Labs © 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice

Slide 2:Who am I? • Manager HP Security Labs • In security space for 6 years • CS Degree from Georgia Tech • Areas of focus − Crawling and sampling − JavaScript static analysis − XSS • Frequent presenter at hacker/security conferences 2

Slide 3:Presentation Overview • Manipulating Client-side logic • Defeating logic protection techniques • Function Hijacking • JSON Hijacking • Hacking Google Gears 3 March 31, 2008

Slide 4:“Boring” Ajax Security • Increased attack surface • Direct API access • Easier to reverse engineer • Amplifying web attacks • Offline attacks • “Surely no on

Slideshare.net (beta)