If you'd like to know a little more about HTML5 & security, in January I will be giving a one-day training with
Niebezpiecznik.pl entitled "
Hacking HTML5".
Topics covered:
- New XSS vectors in HTML5
- Cross Origin Resource Sharing
- Cross Document Messaging
- XMLHttpRequest Level 2
- Offline cache & other client-side storages
- Web SQL
- Web sockets
- Clickjacking with HTML5
- Geolocation
... and others. Several vulnerabilities and attacks will be taught together with instructions on how to implement above features securely. Many existing HTML5-related tools (e.g. by
Lavakumark Kuppan of
andlabs.org or
some of
mine) will be presented. Special attention will be put to
HTML5 features that may break existing legacy HTML4/XHTML applications.
We will be attacking and defending a prepared social networking application.
The training is targetted to:
- webdevelopers
- pentesters
- and all other hackers
If you're interested and able to come to Cracow this January,
read more about the program & register. Contact me and maybe we can arrange some discounts for the training ;)
No comments:
Post a Comment