Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Untangling the DOM for More Easy-Juicy Bugs

Black Hat via YouTube

Start learning Write review
Coursera Ad

Google AI Professional Certificate - Learn AI Skills That Get You Hired

Learn More → Scrimba Ad

Free courses from frontend to fullstack and AI

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a powerful approach to uncovering DOM-based vulnerabilities in modern web applications through this Black Hat conference talk. Delve into the challenges posed by JavaScript-heavy applications for penetration testers and scanners, and discover how dynamic analysis can reveal client-side attacks like DOM XSS, insecure WebSocket usage, and problematic global variables. Learn about Hookish!, an open-source Chrome extension that overrides DOM properties to expose critical security insights. Gain hands-on experience with Dom Flow, a feature allowing intuitive visualization of data flow between sources and sinks, enabling deeper understanding of application behavior and facilitating the discovery of hidden DOM-based bugs. Equip yourself with advanced techniques to conduct more effective penetration tests on complex web applications and stay ahead of evolving security challenges.

Syllabus

Dom Flow - Untangling The DOM For More Easy-Juicy Bugs

Taught by

Black Hat

Reviews

Start your review of Untangling the DOM for More Easy-Juicy Bugs

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.