The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

inducing users to interact with it. XSS attacks, on the other hand, may be

Download 5,76 Mb.

Pdf ko'rish

bet	657/875
Sana	01.01.2022
Hajmi	5,76 Mb.
	#293004

1 ... 653 654 655 656 657 658 659 660 ... 875

Bog'liq
3794 1008 4334

The cloned web sites used in phishing attacks are usually identified

inducing users to interact with it. XSS attacks, on the other hand, may be

delivered entirely via the vulnerable application being targeted. Many people

get confused between XSS and phishing because the methods used for delivery

are sometimes similar. However, there are several key points that make XSS a

much higher risk to organizations than phishing:

■■

Because XSS attacks execute within the authentic application, the user

will see personalized information relating to them, such as account

information or a “welcome back” message. Cloned web sites are not

personalized.

■■

The cloned web sites used in phishing attacks are usually identified

and shut down quickly.

■■

Many browsers and anti-malware products contain a phishing filter

Download 5,76 Mb.

Do'stlaringiz bilan baham:

1 ... 653 654 655 656 657 658 659 660 ... 875