<script>alert('XSS Attacks For Fun and Profit')</script>
If you handle user input in your web app you've likely had to deal with the prevention of XSS attacks. As part of this talk we'll go over recent attacks in the wild, get our hands dirty exploiting a sample web application, and learn about some best practices around prevention and damage control.
Phil is a freelance software developer. His main interests lie in performance, operations, security, geographic services, AB testing, corgis, and fine cheese. His current project is GitSentry.com, an online static analysis tool that detects security vulnerabilities in your web application.
Food is always provided!
All Geekfest events are recorded and will be published on the Groupon Engineering vimeo channel. When this video is published, the link will be added to this event as a comment!
Make sure to let us know if you need building access! Answer the "RSVP Question" with your full name.
Geekfest is always looking for speakers! Email us at [masked] if you are interested in giving a talk.