Advanced Client-Side Attacks
Through real-world scenarios, you will gain a detailed understanding of client-side attacks, including XSS, CSRF, DOM-based vectors, SOP, and CORS vulnerabilities.
In this module, we'll guide you through the complex landscape of client-side attacks, focusing on vulnerabilities introduced by XSS, CSRF, DOM-based attacks, and the complexities of SOP & CORS. Our journey will begin with an in-depth exploration of XSS attacks. We'll dissect various types, from reflected to stored and DOM-based, demonstrating how attackers inject malicious scripts into web pages. We'll then pivot to CSRF vulnerabilities, revealing how attackers trick users into executing unintended actions on a web application in which they're authenticated. As we start into DOM-based attacks, you'll learn about manipulating the DOM to execute malicious scripts, highlighting the importance of client-side security in web apps. Further on, we'll understand the idea of SOP and CORS, essential security mechanisms designed to control how resources on a web page can be requested from another domain. Each section of this module is strengthened with real-world scenarios designed to understand, effectively mitigate, and protect against these client-side vulnerabilities.
0%
XSS
Explore in-depth the different types of XSS and their root causes.
0%
CSRF
Learn how a CSRF vulnerability works and methods to exploit and defend against CSRF vulnerabilities.
0%
DOM-Based Attacks
Learn about DOM-based vulnerabilities that can be leveraged to stage client-side attacks!
0%
CORS & SOP
Cross-Origin Resource Sharing and Same-Origin Policy.
0%
Whats Your Name?
Utilise your client-side exploitation skills to take control of a web app.
What are modules?
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
