Browser Attack Tutorial Cover38 Page eBook

In this mini-course, you will get to know different types of web browsers; what each web browser does; how you can identify remote host browser names using methods such as HTTP Headers and DOM Properties. We are aware of what http is, but are you aware of what http/2.0 is and how this protocol works? We explain this in the mini-course: why http/2.0 is needed and how it’s far more secure then current http protocol.

You will also learn about HTTP Cookies: how this works and why cookies are such an interesting part of doing a web application assessment. Also, what is cookiejar in browser and its attributes such as HTTPONLY, SECURE, DOMAIN etc. Also, how you can bypass the attributes restriction. We also explain cookie jar overflow as well as a cookies-tracking technique through which your browsing habits can be tracked and sensitive information extracted.

HTTPS is always considered to be a secure protocol but are you sure about this? In this tutorial, you will see how an attacker can bypass https and downgrade it to http. Finally, you will also learn about MITM using tools like Ettercap, fake certificates and vulnerabilities in SSL such as BEAST, CRIME, HEARTBLEED and browser autopwn, as well as IE10 exploit with metasploit: our personal favorite tool. Click the button below to download your FREE ebook!