Название: javascript for hackers : Learn to think like a hacker Автор: Gareth Heyes Издательство: Leanpub Год: 2023-01-16 Язык: английский Формат: pdf (true), djvu Размер: 10.1 MB
Learn how to find interesting behaviors and flaws in javascript. In this book, you will learn about the latest and most effective methods for hacking javascript and generating XSS payloads. The book also covers how to create javascript using only text. Have you heard about DOM Clobbering? This book gives you all the details.
Have you ever wondered how hackers find flaws in browsers and javascript? This book explains how they think and gives you the tools to find flaws on your own. The book covers the basics of javascript hacking and then explains how to create a javascript payload without parentheses.
javascript has always been a passion of mine, and I'm fascinated by ways to further understand JS. I often see people tweeting about how to call functions without parentheses, crazy XSS vectors, and generally how to better understand certain functions. People often ask how tweets can be applied to bypass WAFs and browser exploits. Sure, you can use the javascript function call method without parentheses to bypass WAFs, but the point of my tweets is to quickly gain knowledge that can be applied later.
By looking for ways to hack javascript, you learn about the function and then apply that knowledge to achieve your goal. If you have no goal you can be staring at a blank page not getting anywhere. A goal enables you to make sure you’re always trying something and it can be flexible too. For instance one of my goals was “execute javascript without parentheses”. If you’ve set a good goal it will almost likely never end and good ones also mutate into another goal for example the goal I mentioned earlier mutated into “execute javascript functions without parentheses and pass arguments”. Now you can see how these two goals are useful because now you have a clear idea what you have to do and you can abuse javascript features to achieve that goal. In the example above the second goal is more challenging than the first but the second goal enables you to gain knowledge to achieve the more difficult goal.
Скачать javascript for hackers : Learn to think like a hacker (2023)
|