O'Reilly logo

The Basics of Web Hacking by Josh Pauli

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6

Web User Hacking

Chapter Rundown:

■ Attacking other users instead of the server or application

■ Running malicious code with cross-site scripting (XSS)

■ Executing malicious commands with cross-site request forgery (CSRF)

■ Attacks that can’t be stopped: how the Social-Engineer Toolkit (SET) makes you a rock star

Introduction

The target for web hackers has shifted away from the web server and web application and squarely on the web user. Some web user attacks rely on web application vulnerabilities, while other attacks don’t require any existing application vulnerability to be successful, but they all rely on the user unknowingly making a malicious request. Regardless of how the attack is delivered, the payload is executed on the user’s machine ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required