You are previewing The Browser Hacker's Handbook.
O'Reilly logo
The Browser Hacker's Handbook

Book Description

Hackers exploit browser vulnerabilities to attack deep within networks

The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:

  • Bypassing the Same Origin Policy

  • ARP spoofing, social engineering, and phishing to access browsers

  • DNS tunneling, attacking web applications, and proxying—all from the browser

  • Exploiting the browser and its ecosystem (plugins and extensions)

  • Cross-origin attacks, including Inter-protocol Communication and Exploitation

  • The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component into any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.

    Table of Contents

    1. Cover Page
    2. Title Page
    3. Copyright
    4. About the Authors
    5. Credits
    6. Acknowledgments
    7. Contents
    8. Introduction
    9. Chapter 1: Web Browser Security
      1. A Principal Principle
      2. Exploring the Browser
      3. Evolutionary Pressures
      4. Core Security Problems
      5. Browser Hacking Methodology
      6. Summary
      7. Questions
      8. Notes
    10. Chapter 2: Initiating Control
      1. Understanding Control Initiation
      2. Control Initiation Techniques
      3. Summary
      4. Questions
      5. Notes
    11. Chapter 3: Retaining Control
      1. Understanding Control Retention
      2. Exploring Communication Techniques
      3. Exploring Persistence Techniques
      4. Evading Detection
      5. Summary
      6. Questions
      7. Notes
    12. Chapter 4: Bypassing the Same Origin Policy
      1. Understanding the Same Origin Policy
      2. Exploring SOP Bypasses
      3. Exploiting SOP Bypasses
      4. Summary
      5. Questions
      6. Notes
    13. Chapter 5: Attacking Users
      1. Defacing Content
      2. Capturing User Input
      3. Social Engineering
      4. Privacy Attacks
      5. Summary
      6. Questions
      7. Notes
    14. Chapter 6: Attacking Browsers
      1. Fingerprinting Browsers
      2. Bypassing Cookie Protections
      3. Bypassing HTTPS
      4. Abusing Schemes
      5. Attacking JavaScript
      6. Getting Shells using Metasploit
      7. Summary
      8. Questions
      9. Notes
    15. Chapter 7: Attacking Extensions
      1. Understanding Extension Anatomy
      2. Fingerprinting Extensions
      3. Attacking Extensions
      4. Summary
      5. Questions
      6. Notes
    16. Chapter 8: Attacking Plugins
      1. Understanding Plugin Anatomy
      2. Fingerprinting Plugins
      3. Attacking Plugins
      4. Summary
      5. Questions
      6. Notes
    17. Chapter 9: Attacking Web Applications
      1. Sending Cross-origin Requests
      2. Cross-origin Web Application Detection
      3. Cross-origin Web Application Fingerprinting
      4. Cross-origin Authentication Detection
      5. Exploiting Cross-site Request Forgery
      6. Cross-origin Resource Detection
      7. Cross-origin Web Application Vulnerability Detection
      8. Proxying through the Browser
      9. Launching Denial-of-Service Attacks
      10. Launching Web Application Exploits
      11. Summary
      12. Questions
      13. Notes
    18. Chapter 10: Attacking Networks
      1. Identifying Targets
      2. Ping Sweeping
      3. Port Scanning
      4. Fingerprinting Non-HTTP Services
      5. Attacking Non-HTTP Services
      6. Getting Shells using BeEF Bind
      7. Summary
      8. Questions
      9. Notes
    19. Chapter 11: Epilogue: Final Thoughts
    20. Index