Explore a conference talk on the evolution of libinjection from SQL injection detection to cross-site scripting (XSS) prevention. Delve into the development of a new algorithm for detecting XSS attacks that, like its SQLi counterpart, avoids regular expressions, offers high speed and accuracy, and is freely available on GitHub. Learn about the semantic differences between SQLi and XSS from a defender's perspective, understand how the libinjection algorithm functions, and discover its current results and availability. Gain insights into HTML injection, JavaScript injection, sanitization techniques, and the challenges of XSS detection, including the complexities of HTML5 tokenization and browser-specific issues.