YoVDO

HTML5 - A Whole New Attack Vector

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses Canva Courses Social Engineering Courses Botnets Courses Geolocation Courses

Course Description

Overview

Explore the security implications of HTML5 in this 41-minute conference talk from BruCON Security Conference. Delve into HTML5's new features from an attacker's perspective, examining potential vulnerabilities and attack vectors. Learn about semantic web, editable content, form validation, local storage, and video support, while understanding how these advancements can be exploited. Discover how attackers can leverage HTML5 to cause havoc on machines and even build browser-based botnets. Through demonstrations and examples, gain insights into canvas manipulation, geolocation risks, drag-and-drop vulnerabilities, and web notification exploits. Examine cross-site scripting techniques, XML HTTP request vulnerabilities, and network scanning possibilities. Explore defense strategies and participate in attack and defense labs to better understand and mitigate these new security challenges.

Syllabus

Intro
Canvas
Canvas Demo
Quake Demo
Video Audio
Geolocation
Drag and Drop
Web Notifications
The Hacker
Recon
Crosssite scripting
Examples
Attack and Defense Labs
XML HTTP Requests
Scanning the Network
The Next Day
GeoLocate
Autocomplete
Social Engineering
Directory
File Server
Pippy
DOS
Spam
Beef
Network
Pretty Test
Summary


Taught by

BruCON Security Conference

Related Courses

Cybersecurity in Healthcare (Hospitals & Care Centres)
Erasmus University Rotterdam via Coursera
Cyber Security Foundations: Common Malware Attacks and Defense Strategies
EC-Council via FutureLearn
The Complete Social Engineering, Phishing, OSINT & Malware
Udemy
A Complete Cyber Security Guide For Beginners 2024
Udemy
Learn Social Engineering From Scratch 2024
Udemy