The Browser Hacker's Handbook

by Wade Alcorn, Christian Frichot, Michele Orru
March 2014
Content level: Intermediate to advanced
648 pages
16h 56m
English
Wiley
Content preview from The Browser Hacker's Handbook

Contents

Introduction

Chapter 1   Web Browser Security

A Principal Principle

Exploring the Browser

Symbiosis with the Web Application

Same Origin Policy

HTTP Headers

Markup Languages

Cascading Style Sheets

Scripting

Document Object Model

Rendering Engines

Geolocation

Web Storage

Cross-origin Resource Sharing

HTML5

Vulnerabilities

Evolutionary Pressures

HTTP Headers

Reflected XSS Filtering

Sandboxing

Anti-phishing and Anti-malware

Mixed Content

Core Security Problems

Attack Surface

Surrendering Control

TCP Protocol Control

Encrypted Communication

Same Origin Policy

Fallacies

Browser Hacking Methodology

Summary

Questions

Notes

Chapter 2   Initiating Control

Understanding Control Initiation

Control Initiation Techniques

Using Cross-site Scripting Attacks

Using Compromised Web Applications

Using Advertising Networks

Using Social Engineering Attacks

Using Man-in-the-Middle Attacks

Summary

Questions

Notes

Chapter 3   Retaining Control

Understanding Control Retention

Exploring Communication Techniques

Using XMLHttpRequest Polling

Using Cross-origin Resource Sharing

Using WebSocket Communication

Using Messaging Communication

Using DNS Tunnel Communication

Exploring Persistence Techniques

Using IFrames

Using Browser Events

Using Pop-Under Windows

Using Man-in-the-Browser Attacks

Evading Detection

Evasion using Encoding

Evasion using Obfuscation

Summary

Questions

Notes

Chapter 4   Bypassing the Same Origin Policy

Understanding the Same Origin Policy

Understanding the SOP with the DOM

Understanding ...

Publisher Resources

ISBN: 9781118662090