Disclosure: when you buy through links on our site, we may earn an affiliate commission.

Hacking Web Applications via PDFs, Images, and Links

Learn How Your Web Applications Can Be Hacked via PDFs, Images, and Links
4.7
4.7/5
(110 reviews)
10,161 students
Created by
Dawid Czagan

8.1

CourseMarks Score®

7.7

Freshness

8.5

Feedback

7.5

Content

Detailed Analysis »

Learn How Your Web Applications Can Be Hacked via PDFs
Go to class »
Platform: Udemy
Price: check current price
Video: 51m
Language: English
Next start: On Demand

Table of contents

Description

  What you'll learn
  Requirements
  Who this course is for
Instructor
Recommended courses

Description

User data is processed every single day by modern web applications. Think about PDFs, images, and links. They are everywhere. What’s more – they can be used to hack your web applications and obviously you don’t want that to happen.
In this course you will learn how your web applications can be hacked via PDFs, images, and links. You will also learn how to check if your web applications are vulnerable to these attacks. First, I’ll show you how an attacker can steal a user’s sensitive data via a PDF. Next, I’ll present how the attacker can launch an XSS attack via an image. Finally, I’ll demonstrate how the attacker can launch a user redirection attack via a link (using window.opener tabnabbing).
For every single attack there is a DEMO so that you can see, step-by-step, how these attacks work in practice. I hope this sounds good to you and I can’t wait to see you in the class.
Note: you can get paid for these bugs in bug bounty programs.

You will learn

✓ Learn how an attacker can steal a user’s sensitive data via a PDF
✓ Discover how the attacker can launch an XSS attack via an image
✓ Explore how the attacker can launch a user redirection attack via a link
✓ Check if your web applications are vulnerable to these attacks
✓ Learn from one of the top hackers at HackerOne
✓ Become a successful penetration tester / ethical hacker

Requirements

• Basic hacking skills

This course is for

• Penetration testers, ethical hackers, bug hunters, security engineers / consultants

More info about the instructor,

Dawid Czagan

Top 10 Hacker at HackerOne | Author of “Bug Hunting Millionaire”
Dawid Czagan is listed among Top 10 Hackers (HackerOne). He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter and other companies. Due to the severity of many bugs, he received numerous awards for his findings.Dawid Czagan shares his security bug hunting experience in his hands-on trainings “Hacking Web Applications – Case Studies of Award-Winning Bugs in Google, Yahoo, Mozilla and More” and “Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation”. He delivered security training courses at key industry conferences such as Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), DeepSec (Vienna), HITB GSEC (Singapore), BruCON (Ghent) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector.Dawid Czagan is a founder and CEO at Silesia Security Lab – a company which delivers specialized security testing and training services. To find out about the latest in Dawid Czagan’s work, you are invited to follow him on Twitter.
Browse all courses by on Coursemarks.
Dawid Czagan's full profile and courses »
Go to class »
Learn How Your Web Applications Can Be Hacked via PDFs
Go to class »
Platform: Udemy
Price: check current price
Video: 51m
Language: English
Next start: On Demand

Students are also interested in

This no fluff hands-on training will having you immediatly hacking web applications with Burp Suite.

Ethical Hacking with Burp Suite

This no fluff hands-on training will having you immediatly hacking web applications with Burp Suite.
3.7
3.7/5
163 students

Other courses by ​Dawid Czagan

Go to class »