Introduction to HTML Injection (HTMLi) and Cross Site Scripting (XSS) Using Mutillidae - ISSA Kentuckiana workshop 9 (Hacking Illustrated Series InfoSec Tutorial Videos)

Feel free to include my content in your page via my
RSS feed Follow @irongeek_adc

Help Irongeek.com pay for
bandwidth and research equipment:
Subscribestar or Patreon

Search Irongeek.com:

Affiliates:

Help Irongeek.com pay for bandwidth and research equipment:

Introduction to HTML Injection (HTMLi) and Cross Site Scripting (XSS) Using Mutillidae - ISSA Kentuckiana workshop 9 (Hacking Illustrated Series InfoSec Tutorial Videos)

Introduction to HTML Injection (HTMLi) and Cross Site Scripting (XSS) Using Mutillidae - ISSA Kentuckiana workshop 9 - Jeremy Druin

This is part of the 9th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae (or other tools) for the Kentuckiana ISSA. This one covers SQLMap.

Details:

Video Tutorials: www.youtube.com/user/webpwnized
Video Index URL: http://www.irongeek.com/i.php?page=videos/web-application-pen-testing-tutorials-with-mutillidae
YouTube Channel: http://www.youtube.com/user/webpwnized
Twitter Updates: @webpwnized
Title: Introduction to HTML Injection (HTMLi) and Cross Site Scripting (XSS) Using Mutillidae

This video covers the basics of injecting HTML into sites with vulnerabilities in which injected code is placed inline with intended code and executes in the users browser. The injected HTML in this video is a fake login box that posts the user username and password to a capture data page (in the NOWASP Mutillidae application).

Later the same vulnerability is used to inject cross site scripting attack that hooks the users browser with a Beef Framework script (hook.js) given an attacker control of the users browser.

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.