Unicode Transformations: Finding Elusive Vulnerabilities
[Pages:111]Unicode Transformations: Finding Elusive Vulnerabilities
OWASP AppSecDC
November 2009
Chris Weber chris@
Casaba Security
What's this about?
? Visual spoofing and counterfeiting ? Text transformation attacks
OWASP AppSecDC - November 2009
? 2009 Chris Weber
What will you learn?
? Why you should care about Visual Integrity...
? Branding ? Identity ? Cloud Computing ? URI's!
OWASP AppSecDC - November 2009
? 2009 Chris Weber
What will you learn?
? Good techniques for finding bugs
? Web-apps and clever XSS ? Test cases for fuzzing
OWASP AppSecDC - November 2009
? 2009 Chris Weber
What about tools?
? Watcher
? Microsoft SDL recommended tool ? Passive Web-app testing for free ?
? Unibomber
? Deterministic auto-pwn XSS testing
OWASP AppSecDC - November 2009
? 2009 Chris Weber
Can you tell the difference?
OWASP AppSecDC - November 2009
? 2009 Chris Weber
How about now?
OWASP AppSecDC - November 2009
? 2009 Chris Weber
The Transformers
When good input turns bad
becomes
OWASP AppSecDC - November 2009
? 2009 Chris Weber
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- table of ascii and unicode characters
- unicode transformations finding elusive vulnerabilities
- the ascii character set
- the impact of change from wlatin1 to utf 8 encoding in sas
- the unicode standard version 12 0 core specification
- the c language reference manual
- unicode character database dai kan wa jiten library of
Related searches
- unicode mathematical alphanumeric symbols
- unicode union symbol
- unicode symbols keyboard
- unicode utf 8 decoder
- unicode to utf 8 online
- unicode utf 8 utf 16
- unicode to utf 8 converter
- unicode character list
- unicode vs utf 8
- python convert unicode to ascii
- convert hex to unicode char
- convert unicode to hexadecimal