Hacking JavaScript Desktop Apps with XSS and RCE
Offered By: LASCON via YouTube
Course Description
Overview
Explore the vulnerabilities of JavaScript desktop applications in this 46-minute conference talk from LASCON. Delve into essential techniques for auditing Electron applications, understanding the implications of XSS in desktop environments, and learning how to escalate XSS to Remote Code Execution (RCE) in JavaScript apps. Discover methods for attacking preload scripts and achieving RCE via IPC. Gain valuable insights applicable to popular platforms like Microsoft Teams, Skype, Bitwarden, Slack, and Discord. Ideal for penetration testers, desktop app developers, and anyone interested in JavaScript, Node.js, or Electron app security, this hands-on workshop provides immediately applicable skills to enhance your security analysis workflow.
Syllabus
Hacking JavaScript Desktop apps with XSS and RCE - Abraham Aranguren
Taught by
LASCON
Related Courses
Bug Bounty In HindiYouTube CVE Series: Confluence RCE (CVE-2022-26134)
Cybrary Achieving Linux Kernel Code Execution Through a Malicious USB Device
Black Hat via YouTube Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime
Black Hat via YouTube Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube