Skip to Content
Becoming the Hacker
book

Becoming the Hacker

by Adrian Pruteanu
January 2019
Beginner
404 pages
8h 53m
English
Packt Publishing
Content preview from Becoming the Hacker

Chapter 9. Practical Client-Side Attacks

When we talk about client-side attacks, there is a tendency to discredit their viability in compromising an environment. After all, executing JavaScript in the browser is far less sexy than executing native code and popping a shell on the application server itself. What's the point of being able to execute heavily sandboxed JavaScript in a short-lived browsing session? How much damage can an attacker do with this type of vulnerability? Quite a bit, as it turns out.

In this chapter, we will explore client-side attacks, with a heavy emphasis on XSS. We will also look at Cross-Site Request Forgery (CSRF) attacks and discuss the implications of the same-origin policy (SOP). Next, we will look at ways to weaponize ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Tribe of Hackers Red Team

Tribe of Hackers Red Team

Marcus J. Carey, Jennifer Jin
How to Hack Like a Ghost
Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition

Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition

Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims
Ethical Hacking

Ethical Hacking

Daniel G. Graham

Publisher Resources

ISBN: 9781788627962Supplemental Content