Loading…
Join us at AppSec California 2014!


AppSec California is the first of hopefully many annual conferences hosted by all of the California chapters. Join us on the beaches of Santa Monica which is closest to our Los Angeles Chapter. Space is limited to around 200 attendees so be sure to get your ticket before we sell out!

Come a little early or stay the rest of the week; however you enjoy it, the weather is likely going to be warmer than where you are. Enjoy the Santa Monica pier and downtown area or explore the surrounding cities. You probably have a client or 10 near by too so say hello to them too.

Stay tuned as activities around the event are updated and more speakers are added to the lineup. A schedule will come at some point.


Register today! 
Back To Schedule
Tuesday, January 28 • 11:30am - 12:30pm
libinjection: from SQLi to XSS

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
libinjection was introduced at Black Hat USA 2012 to quickly and accurately detect SQLi attacks from user inputs.  Two years later the algorithm has been used by a number of open-source and proprietary WAFs and honeypots.  This talk will introduce a new algorithm for detecting XSS attacks.   Like the SQLi libinjection algorithm, this does not use regular expressions, is very fast, and has a low false positive rate.   Also like the original libinjection algorithm, this is available on GitHub with free license.   We’ll discuss the current state of libinjection SQLi, how SQLi and XSS differ semantically from an defenders point of view,  how the libinjection algorithm works, the current results and availability.
Speakers
avatar for Nick Galbreath

Nick Galbreath

Owner, Client9
Nick Galbreath is Vice President of Engineering at IPONWEB, a world leader in the development of online advertising exchanges. Prior to IPONWEB, his role was Director of Engineering at Etsy, overseeing groups handling security, fraud, security, authentication and other enterprise... Read More →

Tuesday January 28, 2014 11:30am - 12:30pm PST
Track 1
  Session

Attendees (0)