Introduction to Cross-Site Scripting
This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks.
-
-
Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective
Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks.
-
Phish Like the Pros
Phish attacks are a significant threat to all organizations. In this video Raxis’ Scottie Cole shares tips and tricks for phishing assessments.
-
LDAP Passback and Why We Harp on Passwords
LDAP passback exploits are easy when companies fail to change default passwords on network devices or fail to assign a password at all. If you connect it, you must protect it.
-
Remediating Account Enumeration Vulnerabilities From Your Penetration Test
Account enumeration reveals whether usernames are valid for use in other attacks. Lead Penetration Tester Matt Dunn explains how it works and how to prevent it.
