Hacking JavaScript Desktop Apps with XSS and RCE

Overview

Explore the vulnerabilities of JavaScript desktop applications in this 46-minute conference talk from LASCON. Delve into essential techniques for auditing Electron applications, understanding the implications of XSS in desktop environments, and learning how to escalate XSS to Remote Code Execution (RCE) in JavaScript apps. Discover methods for attacking preload scripts and achieving RCE via IPC. Gain valuable insights applicable to popular platforms like Microsoft Teams, Skype, Bitwarden, Slack, and Discord. Ideal for penetration testers, desktop app developers, and anyone interested in JavaScript, Node.js, or Electron app security, this hands-on workshop provides immediately applicable skills to enhance your security analysis workflow.

Syllabus

Hacking JavaScript Desktop apps with XSS and RCE - Abraham Aranguren

Taught by

LASCON

Reviews

Start your review of Hacking JavaScript Desktop Apps with XSS and RCE

From Zero to Cybersecurity Analyst

Most common

Popular subjects

Popular courses

Hacking JavaScript Desktop Apps with XSS and RCE

Overview

Syllabus

Taught by

Reviews

From Zero to Cybersecurity Analyst

Taught by

Hacking Modern Desktop Apps with XSS and RCE

JavaScript Security

JavaScript Security Part 1

Hacking Android & iOS Apps with Deep Links & XSS - Mobile Hacking

ElectroVolt - Pwning Desktop Apps Built On Electron

The Hidden XSS - Attacking the Desktop

100+ Free Courses to Learn JavaScript, React, Node

10 Best JavaScript Courses for 2024: Create Interactive Websites

Never Stop Learning.