XSS-Unearth: A Tool for Forensics Analysis of XSS Attacks
Alfieri D.;Ficco M.;Palmieri F.
2024-01-01
Abstract
One of the most common application-layer attacks, which also affects cloud systems, is Cross-Site Scripting (XSS); these attacks link a victim to the internet by stealing their cookies and other private information. XSS attacks are in third place in the OWASP Top 10 of the most critical web application threats, and the literature shows a number of tools implemented by scholars and professionals to mitigate this particular threat; despite that, there are no tools intended to extract forensic information after a successful or unsuccessful attack. This paper proposes a forensic tool, XSS-Unearth, developed for the detection of forensic traces in case of XSS attacks. Using an approach based on an XSS payload list, the proposed tool can help produce digital evidence about XSS attacks. Furthermore, this tool may be successfully integrated with other well-known forensic tools, such as Plaso, to support further analysis.