Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

HTML5 - A Whole New Attack Vector

BruCON Security Conference via YouTube

Overview

Explore the security implications of HTML5 in this 41-minute conference talk from BruCON Security Conference. Delve into HTML5's new features from an attacker's perspective, examining potential vulnerabilities and attack vectors. Learn about semantic web, editable content, form validation, local storage, and video support, while understanding how these advancements can be exploited. Discover how attackers can leverage HTML5 to cause havoc on machines and even build browser-based botnets. Through demonstrations and examples, gain insights into canvas manipulation, geolocation risks, drag-and-drop vulnerabilities, and web notification exploits. Examine cross-site scripting techniques, XML HTTP request vulnerabilities, and network scanning possibilities. Explore defense strategies and participate in attack and defense labs to better understand and mitigate these new security challenges.

Syllabus

Intro
Canvas
Canvas Demo
Quake Demo
Video Audio
Geolocation
Drag and Drop
Web Notifications
The Hacker
Recon
Crosssite scripting
Examples
Attack and Defense Labs
XML HTTP Requests
Scanning the Network
The Next Day
GeoLocate
Autocomplete
Social Engineering
Directory
File Server
Pippy
DOS
Spam
Beef
Network
Pretty Test
Summary

Taught by

BruCON Security Conference

Reviews

Start your review of HTML5 - A Whole New Attack Vector

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.