16. Attackers
You manage to control a script that the defenders have included on their website.
A) Modify this script to steal a cookie or username/password data
B) Automate making it past the captcha
C) Scrape all the content from behind the login
D) Don’t take the server down!
Tuesday, June 30, 15
17. Defenders
Pretend you missed the XSS vulnerability (or rely on a compromised script for your website to function)... and secure everything else.
A) Make it a bit harder for bots to log in
B) Set some traps, make sure you hide them!
C) Try to differentiate legitimate users from bots
D) Don’t let the server go down!