Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hacking JavaScript Desktop Apps with XSS and RCE

LASCON via YouTube

Overview

Explore the vulnerabilities of JavaScript desktop applications in this 46-minute conference talk from LASCON. Delve into essential techniques for auditing Electron applications, understanding the implications of XSS in desktop environments, and learning how to escalate XSS to Remote Code Execution (RCE) in JavaScript apps. Discover methods for attacking preload scripts and achieving RCE via IPC. Gain valuable insights applicable to popular platforms like Microsoft Teams, Skype, Bitwarden, Slack, and Discord. Ideal for penetration testers, desktop app developers, and anyone interested in JavaScript, Node.js, or Electron app security, this hands-on workshop provides immediately applicable skills to enhance your security analysis workflow.

Syllabus

Hacking JavaScript Desktop apps with XSS and RCE - Abraham Aranguren

Taught by

LASCON

Reviews

Start your review of Hacking JavaScript Desktop Apps with XSS and RCE

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.