This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

User input piercing for Cross Site Scripting Attacks

Jump to: navigation, search

The presentation

Owasp logo normal.jpg
This paper presents algorithms and techniques for performing user input piercing on a web application. We also introduce an heuristic to determine if a given cross-site scripting attack will effectively execute scripting code on the compromised browser. Besides, an algorithm to detect the need of encoding techniques will be presented.

The speaker

Matias works at Core Security Technologies as WebApps Exploit Writer. He is also a Ms. Student in Computer Science at Buenos Aires University. He enjoys to learn everything about WebApps Security, Interpreted Languages, Graph Theory and Language Theory.