The Chrome Crusader
Offered By: BSidesLV via YouTube
Course Description
Overview
Explore the world of Chrome extension security in this BSidesLV conference talk. Delve into the Chrome Crusader's journey as Lily Chalupowski shares insights on making Chrome extensions more secure. Learn about JSON files, Chroma Optimizer, hidden icons, and CORS limitations. Discover the potential for creating botnets and classic malware through Chrome extensions. Examine the Chrome Extension Architecture, security headers, and Google's security considerations. Investigate the removal of XSS protection and the implementation of Chrome Site Isolation. Gain valuable knowledge about WebRTC and HSTS while addressing both technical and non-technical aspects of Chrome extension security.
Syllabus
Introduction
Who is Lily
Agenda
Skills Needed
Warning
Making Chrome Great
Hackers Manifesto
JSON Files
Chroma Optimizer
Hidden Icon
Chorus Limitations
CrossOrigin Resource Sharing
Making a Botnet
You are in fact
Command
Hook
Flask
Classic Malware
Keylogger
Credential stealing
Canada Revenue Agency
Why is this possible
Chrome Extension Architecture
Security Headers
CSP
Google Security Considerations
Childrens Advertisers
Insecurity
Chrome Extensions
Remove XSS Protection
Board Meeting
Chrome Site Isolation
Proof of Concept
Chrome Optimizer
WebRTC
HSTS
Nontechnical question
Taught by
BSidesLV
Related Courses
MongoDB for DBAsMongoDB University MongoDB for Node.js Developers
MongoDB University Web Engineering II: Developing Mobile HTML5 Apps
Technische Hochschule Mittelhessen via iversity Programming Mobile Services for Android Handheld Systems: Communication
Vanderbilt University via Coursera HTML, CSS, and Javascript for Web Developers
Johns Hopkins University via Coursera