Hacking with WebSockets

Explore the security implications of HTML5 WebSockets in this Black Hat USA 2012 conference talk. Delve into how WebSockets can both be a target for security attacks and a tool for enhancing attack sophistication. Examine the potential vulnerabilities, including cross-site scripting (XSS), and learn how compromised browsers can be controlled using WebSockets. Gain insights into the impact of WebSockets on website attack surfaces and user privacy. Discover the security risks associated with protocols tunneled over WebSockets. Witness demonstrations of WebSockets being utilized as part of an effective hacking framework. Conclude with valuable recommendations for secure WebSocket deployment, applying security principles to web application design, and using tools to investigate WebSocket security.

Black Hat USA 2012 - Hacking with WebSockets