My Account Log in

1 option

Web hacking expert : full-stack exploitation mastery.

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Video
Contributor:
Czagan, Dawid, presenter.
Packt Publishing, publisher.
Language:
English
Subjects (All):
Penetration testing (Computer security).
Computer security.
Computer networks--Security measures.
Computer networks.
Hacking.
Physical Description:
1 online resource (1 video file (4 hr., 48 min.)) : sound, color.
Edition:
[First edition].
Place of Publication:
[Place of publication not identified] : Packt Publishing, [2022]
Summary:
Modern web applications are complex and it's all about full-stack nowadays. That's why you need to dive into full-stack exploitation if you want to master web attacks. There is no room for classical web application hacking to exploit modern full-stack web apps and therefore, modern-day exploit methods will be showcased here. In this course, it will be shown to you how hackers can bypass Content Security Policy (CSP) which is the most powerful defensive technology in modern web applications. Then during this course, it will also be demonstrated how web applications can be hacked through PDFs, images, and links. You will also learn how hackers can steal secrets from AngularJS applications, which are very popular these days. Before concluding the course, you will understand how to exploit race conditions in web applications and how serious the consequences of this attack can be. At the end of this course, you would have gained knowledge about other powerful, full-stack attacks on modern web applications such as HTTP parameter pollution, subdomain takeover, and clickjacking. What You Will Learn Dive into full-stack exploitation of modern web applications Learn how hackers can bypass Content Security Policy (CSP) Discover how web applications can be hacked through PDFs, images, and links Explore how hackers can steal secrets from AngularJS applications Check if your web applications are vulnerable to race condition attacks Learn about HTTP parameter pollution, subdomain takeover, and clickjacking Audience This course is ideal for all penetration testers, ethical hackers, bug hunters, and security engineers/consultants who want to enhance and refresh their knowledge of pentesting and hacking. As a prerequisite, an individual with basic to intermediate level knowledge of hacking along with familiarity with common web application vulnerabilities will get the most out of this course. There will not be a dedicated video for installation purposes. About The Author Dawid Czagan: Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among the top hackers at HackerOne. Dawid Czagan has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid Czagan shares his security experience in his hands-on training at key industry conferences worldwide. He is the founder and CEO of Silesia Security Lab.
Notes:
OCLC-licensed vendor bibliographic record.
ISBN:
9781837639717
183763971X
OCLC:
1354330091

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account