YoVDO

HTML5 - A Whole New Attack Vector

Offered By: BruCON Security Conference via YouTube

Tags

BruCON Courses Canva Courses Social Engineering Courses Botnets Courses Geolocation Courses

Course Description

Overview

Explore the security implications of HTML5 in this 41-minute conference talk from BruCON Security Conference. Delve into HTML5's new features from an attacker's perspective, examining potential vulnerabilities and attack vectors. Learn about semantic web, editable content, form validation, local storage, and video support, while understanding how these advancements can be exploited. Discover how attackers can leverage HTML5 to cause havoc on machines and even build browser-based botnets. Through demonstrations and examples, gain insights into canvas manipulation, geolocation risks, drag-and-drop vulnerabilities, and web notification exploits. Examine cross-site scripting techniques, XML HTTP request vulnerabilities, and network scanning possibilities. Explore defense strategies and participate in attack and defense labs to better understand and mitigate these new security challenges.

Syllabus

Intro
Canvas
Canvas Demo
Quake Demo
Video Audio
Geolocation
Drag and Drop
Web Notifications
The Hacker
Recon
Crosssite scripting
Examples
Attack and Defense Labs
XML HTTP Requests
Scanning the Network
The Next Day
GeoLocate
Autocomplete
Social Engineering
Directory
File Server
Pippy
DOS
Spam
Beef
Network
Pretty Test
Summary


Taught by

BruCON Security Conference

Related Courses

Desarrollo de Aplicaciones iOS - Proyecto Final
Tecnológico de Monterrey via Coursera
Getting started with Augmented Reality
Institut Mines-Télécom via Coursera
Programmation iOS (partie II)
Sorbonne University via edX
Teaching Impacts of Technology: Relationships
University of California, San Diego via Coursera
Teaching Impacts of Technology: Fundamentals
University of California, San Diego via Coursera