Kos SecurityA blog about security.

The Hidden XSS Attacking the Desktop & Mobile Platforms – Slides & Video

A few weeks ago (October 2th) I was in Louisville, Kentucky, giving a talk at Derbycon. I also gave the same talk in San Diego (October 9th) at Toorcon 13. It’s a much expanded version of a talk I did back in June at Toorcon Seattle, “XSS Without the Browser”.

Slides are below, and video is after the break. The slides are a bit different than the video. I modified, reordered, and added a few slides, and also included a new Google application vulnerability.



(more…)