<script>alert(­­­'XSS Attacks For Fun and Profit')</sc­ript&­gt; by Phil Corliss

<script>alert('XSS Attacks For Fun and Profit')</script>

If you handle user input in your web app you've likely had to deal with the prevention of XSS attacks. As part of this talk we'll go over recent attacks in the wild, get our hands dirty exploiting a sample web application, and learn about some best practices around prevention and damage control.

Phil Corliss

Phil is a freelance software developer. His main interests lie in performance, operations, security, geographic services, AB testing, corgis, and fine cheese. His current project is GitSentry.com, an online static analysis tool that detects security vulnerabilities in your web application. 

 

Geekfest Events

Food is always provided!

All Geekfest events are recorded and will be published on the Groupon Engineering vimeo channel. When this video is published, the link will be added to this event as a comment! 

Make sure to let us know if you need building access! Answer the "RSVP Question" with your full name.

Geekfest is always looking for speakers! Email us at [masked] if you are interested in giving a talk.

Join or login to comment.

  • Brian K.

    Corliss was a great speaker! I'd gladly go to another talk by him.

    1 · July 1

Our Sponsors

People in this
Meetup are also in:

Create your own Meetup Group

Get started Learn more
Bill

I started the group because there wasn't any other type of group like this. I've met some great folks in the group who have become close friends and have also met some amazing business owners.

Bill, started New York City Gay Craft Beer Lovers

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy