Mario Heiderich
19 SlideShares 485 Abonné 2 Suivis
Personal Information
Entreprise/Lieu de travail
Berlin Germany
Profession
Security Research / Penetration Testing
Site Web
cure53.de
À propos
I find bugs. Some for customers, some for fun. Some I can talk about, some I can't. Other than that I am a very simple person.
Coordonnées
Mots-clés
xss security javascript browser html5 firefox html svg xml attack phpids jsmvc angularjs obfuscation confidence opera vector detection generic chrome sandbox github clipboard office copy&paste es6 javascript ecma xss browser es2015 ecmascript dom clobbering xss security browser html css javas mvc framework innerhtml attacks scriptless xfo noscript csp xssme useragent defense images kittens es5 ids ips rbac prague vulnerability attacking developer svn css makup sql secuity web german wrmer worms xss security javascript useragent obfuscation vectors gecko trident w3c xhtml markup xxe
Tout plus

Présentations

(19)
Tout voir

Generic Attack Detection - ph-Neutral 0x7d8

il y a 15 ans 1547 Vues

I thought you were my friend!

il y a 14 ans 1732 Vues

The Ultimate IDS Smackdown

il y a 14 ans 1663 Vues

JavaScript From Hell - CONFidence 2.0 2009

il y a 13 ans 21922 Vues

Web Wuermer

il y a 13 ans 1611 Vues

The Future of Web Attacks - CONFidence 2010

il y a 13 ans 2877 Vues

I thought you were my friend - Malicious Markup

il y a 12 ans 3586 Vues

HTML5 - The Good, the Bad, the Ugly

il y a 12 ans 1983 Vues

Dev and Blind - Attacking the weakest Link in IT Security

il y a 12 ans 5647 Vues

Locking the Throne Room - How ES5+ might change views on XSS and Client Side Security

il y a 12 ans 3211 Vues

The Image that called me - Active Content Injection with SVG Files

il y a 12 ans 10079 Vues

Locking the Throneroom 2.0

il y a 11 ans 6421 Vues

Scriptless Attacks - Stealing the Pie without touching the Sill

il y a 10 ans 45702 Vues

The innerHTML Apocalypse

il y a 10 ans 34841 Vues

JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks

il y a 9 ans 70315 Vues

In the DOM, no one will hear you scream

il y a 8 ans 33076 Vues

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes, and everything else

il y a 8 ans 45366 Vues

Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-application XSS

il y a 8 ans 30341 Vues

An Abusive Relationship with AngularJS

il y a 7 ans 129187 Vues

J’aime

(1)

A XSSmas carol

cgvwzq il y a 7 ans
Personal Information
Entreprise/Lieu de travail
Berlin Germany
Profession
Security Research / Penetration Testing
Site Web
cure53.de
À propos
I find bugs. Some for customers, some for fun. Some I can talk about, some I can't. Other than that I am a very simple person.
Mots-clés
xss security javascript browser html5 firefox html svg xml attack phpids jsmvc angularjs obfuscation confidence opera vector detection generic chrome sandbox github clipboard office copy&paste es6 javascript ecma xss browser es2015 ecmascript dom clobbering xss security browser html css javas mvc framework innerhtml attacks scriptless xfo noscript csp xssme useragent defense images kittens es5 ids ips rbac prague vulnerability attacking developer svn css makup sql secuity web german wrmer worms xss security javascript useragent obfuscation vectors gecko trident w3c xhtml markup xxe
Tout plus