Blackbox reversing of XSS filters

Reverse engineering web applications is very different from standard binary reversing, because we usually have only limited remote access to the application. In this talk I presented a blackbox approach to reverse engineering cross-site scripting filters in web applications. I discussed the typical design and implementation of XSS filters and presented a tool that makes it easier to reverse engineer these filters and find vulnerabilities in them. The effectiveness of this approach was demonstrated with multiple XSS vulnerabilities in Facebook.

Downloads

This work was presented at Recon 2008.