Current stack and technology surface
Top 10 Attack Vectors
1. XSS abuse with tags and attributes
2. DOM based XSS and Redirects
3. Stealing from the storage
4. Injecting and Exploiting WebSQL
5. Abusing network API and Sockets
6. CSRF across streams – JSON, AMF and XML
7. Sandbox attacks and ClickJacking
8. Abusing new features like drag-and-drop
9. Botnet/Spynet gets persistent life using WebWorkers
10. Threats to widgets and mashups
Top 10 Attack Vectors
1. XSS abuse with tags and attributes
2. DOM based XSS and Redirects
3. Stealing from the storage
4. Injecting and Exploiting WebSQL
5. Abusing network API and Sockets
6. CSRF across streams – JSON, AMF and XML
7. Sandbox attacks and ClickJacking
8. Abusing new features like drag-and-drop
9. Botnet/Spynet gets persistent life using WebWorkers
10. Threats to widgets and mashups