Created XSS Conclusion (markdown)

2024-11-21 23:43:13 +01:00 · 2016-05-27 15:56:54 +02:00 · 2016-05-27 15:56:54 +02:00 · 76dc6fe3b5
commit 76dc6fe3b5
parent 8f4b9d3e71
1 changed files with 28 additions and 0 deletions
--- a/XSS-Conclusion.md
+++ b/XSS-Conclusion.md
@ -0,0 +1,28 @@
+
+#### Section 4 - Conclusion. 
+By now I hope you all understand that Cross sight scripting is not as trivial
+a 'security' hole as it appears on the surface as all of the simple demos
+people post as examples.
+
+Identifying Cross Sight Scripting is the easy part.
+
+Foreseeing its possibilities and knowing how to use it to impact a user base 
+is the hard part, and is the part that is not widely discussed.
+
+With XSS so widely written about and so misunderstood alot of people have walked away
+with the false conclusion that it is an annoyance and not a threat. 
+
+The purpose of this paper is not to arm a hoard of script kiddies with a bunch of
+proven tricks, but is to try to instill a sense as its actual dangers and impacts
+with those who are in the position to do something about it.
+
+As with all knowledge, it can be a double sided sword. As rfp's paper on Sql injection
+techniques brought out the dangers of Sql injection to the public I too hope that
+this paper may have a similar effect and raising awareness and helping people to 
+limit their own (and their surfer populations) exposure.
+
+You may not loose your server to XSS attacks, it may not DOS your network, but you
+may loose your users, and you may be the reason your clients lost their credit card
+numbers, fell victim to identity theft or had their accounts tampered with.
+
+back to DeveloperDocs / CrossSiteScripting or prev. Section ((XSS Inside the mind, mental walk along of a XSS hack))