HTML5 Security
Resources

A Security Analysis of Next Generation Web Standards

The Emperor’s New APIs: On the (In)Secure Usage of New Client-side Primitives

HTML5 Overview: A Look at HTML5 Attack Scenarios

HTML5 Web Security

Attacking with HTML5

Abusing HTML 5 Structured Client-side Storage

How a Platform Using HTML5 Can Affect the Security of Your Website

Invisible arbitrary CSRF file upload in Flickr.com

Minus.com silent arbitrary file upload

Cross domain arbitrary file upload Redux

How to upload arbitrary file contents cross-domain

Filejacking: How to make a file server from your browser (with HTML5 of course)

HTML5 WebSockets — security & new tool for attacking

Squid-imposter: Phishing websites forever with HTML5 offline cache

XSS track got ninja stealth skills thanks to HTML5

XSS-Track now steals your uploaded files with HTML5 power!

CSRF with JSON — leveraging XHR and CORS

Blind WebSQL and Storage extraction for HTML5 Apps

Top 10 HTML5 Threats & Attack Vectors

Hacking Facebook with HTML5

Cracking hashes in the JavaScript cloud with Ravan

Performing DDoS attacks with HTML5 Cross Origin Requests & WebWorkers

Port Scanning with HTML5 and JS-Recon

Shell of the Future — Reverse Web Shell Handler for XSS Exploitation

Chrome and Safari users open to stealth HTML5 AppCache attack

HTML5 Security Articles and Live Demos

HTML5 — The Good, the Bad, the Ugly

HTML5: something wicked this way comes — HackPra

HTML5 Web Security

Web security in the frontend

Abusing HTML5

HTML5 Advanced Computer Networks SS 2011

Pwning Intranets with HTML5

Can you trust your workers? Examining the security of Web Workers

HTML5 — The Good, the Bad, the Ugly (German)

HTML5: something wicked this way comes

Next Generation Web Attacks — HTML 5, DOM (L3) and XHR (L2)

Attacking with HTML5

Discussion on HTML5 Security at OWASP Summit 2011

HTML5 Security Cheatsheet Wiki

HTML5 WebSQL and COR Security Demos

HTML5 Top 10 Threats Stealth Attacks and Silent Exploits

BlackHat Europe 2012