Web Hacking Expert – Full-Stack Exploitation Mastery

سرفصل های دوره

Modern web applications are complex and it’s all about full-stack nowadays. That’s why you need to dive into full-stack exploitation if you want to master web attacks. There is no room for classical web application hacking to exploit modern full-stack web apps and therefore, modern-day exploit methods will be showcased here. In this course, it will be shown to you how hackers can bypass Content Security Policy (CSP) which is the most powerful defensive technology in modern web applications. Then during this course, it will also be demonstrated how web applications can be hacked through PDFs, images, and links. You will also learn how hackers can steal secrets from AngularJS applications, which are very popular these days. Before concluding the course, you will understand how to exploit race conditions in web applications and how serious the consequences of this attack can be. At the end of this course, you would have gained knowledge about other powerful, full-stack attacks on modern web applications such as HTTP parameter pollution, subdomain takeover, and clickjacking.

Chapter 1 - Introduction to the Course

1. Introduction

Chapter 2 - Bypassing Content Security Policy in Modern Web Applications

1. Introduction to the Section

2. Bypassing CSP through ajax.googleapis.com

3. Bypassing CSP through Flash File

4. Bypassing CSP through Polyglot File

5. Bypassing CSP through AngularJS

Chapter 3 - Hacking Web Applications through PDFs Images and Links

1. Introduction to the Section

2. Token Hijacking through PDF - Part 1

3. Token Hijacking through PDF - Part 2

4. XSS through Image - Part 1

5. XSS through Image - Part 2

6. User Redirection through window.opener Tabnabbing - Part 1

7. User Redirection through window.opener Tabnabbing - Part 2

Chapter 4 - Hacking AngularJS Applications

1. Introduction to the Section

2. AngularJS - Template Injection and scope Hacking - Part 1

3. AngularJS - Template Injection and scope Hacking - Part 2

4. AngularJS - Going Beyond the scope

5. AngularJS - Hacking a Static Template

6. Summary - Hacking AngularJS Applications

Chapter 5 - Exploiting Race Conditions in Web Applications

1. Introduction to the Section

2. Exploiting Race Conditions - Case 1 (Part1)

3. Exploiting Race Conditions - Case 1 (Part2)

4. Exploiting Race Conditions - Case 2

5. Case Studies of Award-Winning Race Condition Attacks

Chapter 6 - Full-Stack Attacks on Modern Web Applications

1. Introduction to the Section

2. HTTP Parameter Pollution - Part 1

3. HTTP Parameter Pollution - Part 2

4. Subdomain Takeover - Part 1

5. Subdomain Takeover - Part 2

6. Account Takeover through Clickjacking - Part 1

7. Account Takeover through Clickjacking - Part 2

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PacktPub