Book description
Hackers exploit browser vulnerabilities to attack deep within networks
The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.
The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect against the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:
- Bypassing the Same Origin Policy
- ARP spoofing, social engineering, and phishing to access browsers
- DNS tunneling, attacking web applications, and proxying—all from the browser
- Exploiting the browser and its ecosystem (plugins and extensions)
- Cross-origin attacks, including Inter-protocol Communication and Exploitation
The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component of any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.
Table of contents
- Cover Page
- Title Page
- Copyright
- About the Authors
- Credits
- Acknowledgments
- Contents
- Introduction
- Chapter 1: Web Browser Security
- Chapter 2: Initiating Control
- Chapter 3: Retaining Control
- Chapter 4: Bypassing the Same Origin Policy
- Chapter 5: Attacking Users
- Chapter 6: Attacking Browsers
- Chapter 7: Attacking Extensions
- Chapter 8: Attacking Plugins
- Chapter 9: Attacking Web Applications
  - Sending Cross-origin Requests
  - Cross-origin Web Application Detection
  - Cross-origin Web Application Fingerprinting
  - Cross-origin Authentication Detection
  - Exploiting Cross-site Request Forgery
  - Cross-origin Resource Detection
  - Cross-origin Web Application Vulnerability Detection
  - Proxying through the Browser
  - Launching Denial-of-Service Attacks
  - Launching Web Application Exploits
  - Summary
  - Questions
  - Notes
- Chapter 10: Attacking Networks
- Chapter 11: Epilogue: Final Thoughts
- Index
Product information
- Title: The Browser Hacker's Handbook
- Author(s):
- Release date: March 2014
- Publisher(s): Wiley
- ISBN: 9781118662090