وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

Web Hacking Expert – Full-Stack Exploitation Mastery

سرفصل های دوره

Modern web applications are complex and it’s all about full-stack nowadays. That’s why you need to dive into full-stack exploitation if you want to master web attacks. There is no room for classical web application hacking to exploit modern full-stack web apps and therefore, modern-day exploit methods will be showcased here. In this course, it will be shown to you how hackers can bypass Content Security Policy (CSP) which is the most powerful defensive technology in modern web applications. Then during this course, it will also be demonstrated how web applications can be hacked through PDFs, images, and links. You will also learn how hackers can steal secrets from AngularJS applications, which are very popular these days. Before concluding the course, you will understand how to exploit race conditions in web applications and how serious the consequences of this attack can be. At the end of this course, you would have gained knowledge about other powerful, full-stack attacks on modern web applications such as HTTP parameter pollution, subdomain takeover, and clickjacking.


Chapter 1 - Introduction to the Course
  • 1. Introduction

  • Chapter 2 - Bypassing Content Security Policy in Modern Web Applications
  • 1. Introduction to the Section
  • 2. Bypassing CSP through ajax.googleapis.com
  • 3. Bypassing CSP through Flash File
  • 4. Bypassing CSP through Polyglot File
  • 5. Bypassing CSP through AngularJS

  • Chapter 3 - Hacking Web Applications through PDFs Images and Links
  • 1. Introduction to the Section
  • 2. Token Hijacking through PDF - Part 1
  • 3. Token Hijacking through PDF - Part 2
  • 4. XSS through Image - Part 1
  • 5. XSS through Image - Part 2
  • 6. User Redirection through window.opener Tabnabbing - Part 1
  • 7. User Redirection through window.opener Tabnabbing - Part 2

  • Chapter 4 - Hacking AngularJS Applications
  • 1. Introduction to the Section
  • 2. AngularJS - Template Injection and scope Hacking - Part 1
  • 3. AngularJS - Template Injection and scope Hacking - Part 2
  • 4. AngularJS - Going Beyond the scope
  • 5. AngularJS - Hacking a Static Template
  • 6. Summary - Hacking AngularJS Applications

  • Chapter 5 - Exploiting Race Conditions in Web Applications
  • 1. Introduction to the Section
  • 2. Exploiting Race Conditions - Case 1 (Part1)
  • 3. Exploiting Race Conditions - Case 1 (Part2)
  • 4. Exploiting Race Conditions - Case 2
  • 5. Case Studies of Award-Winning Race Condition Attacks

  • Chapter 6 - Full-Stack Attacks on Modern Web Applications
  • 1. Introduction to the Section
  • 2. HTTP Parameter Pollution - Part 1
  • 3. HTTP Parameter Pollution - Part 2
  • 4. Subdomain Takeover - Part 1
  • 5. Subdomain Takeover - Part 2
  • 6. Account Takeover through Clickjacking - Part 1
  • 7. Account Takeover through Clickjacking - Part 2
  • 54,900 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    مدرس:
    شناسه: 37265
    حجم: 742 مگابایت
    مدت زمان: 287 دقیقه
    تاریخ انتشار: 19 خرداد 1403
    طراحی سایت و خدمات سئو

    54,900 تومان
    افزودن به سبد خرید