چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

JavaScript for hackers: Learn to think like a hacker

Gareth Heyes

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Gareth Heyes
سال انتشار
۲۰۲۲
فرمت
PDF
زبان
انگلیسی
حجم فایل
۱٫۹ مگابایت

دربارهٔ کتاب

Learn how to find interesting behaviour and flaws in JavaScript. Reading this book you will find the latest and greatest techniques for hacking JavaScript and generating XSS payloads. Includes ways to construct JavaScript using only +[]()! characters. Never heard of DOM Clobbering? This book has all the details.Have you ever wondered how a hacker approaches finding flaws in the browser and JavaScript? This book shares the thought processes and gives you tools to find your own flaws. It shares the basics of JavaScript hacking, then dives in and explains how to construct JavaScript payloads that don't use parentheses.Shows how you can find flaws with fuzzing and how to quickly fuzz millions of characters in seconds.Want to hack the DOM? This book has you covered.Read about various browser SOP bypasses that the author found in detail.No idea about client-side prototype pollution? This is the book for you!Want to learn the latest & greatest XSS techniques? You need to buy this book. Table of Contents Chapter one - Introduction Environment Set a goal Fuzzing Persistence and luck Social media The basics Summary Chapter two - JavaScript without parentheses Calling functions without parentheses Calling functions with arguments without parentheses Throw expressions Tagged templates Has instance symbol Summary Chapter three - Fuzzing The truth Fuzzing JavaScript URLs Fuzzing HTTP URLs Fuzzing HTML Fuzzing known behaviours Fuzzing escapes Summary Chapter four - DOM for hackers Where's my window? Scope of a HTML event DOM clobbering Summary Chapter five - Browser exploits Introduction Firefox incorrect handling of cross origin URLs Safari assignments to cross origin hostnames Internet Explorer full SOP bypass Chrome partial SOP infoleak Safari full SOP bypass Opera SOP bypass Summary Chapter six - Prototype pollution Introduction Client-side prototype pollution Server-side prototype pollution Summary Chapter seven - Non-alphanumeric JavaScript Writing non-alphanumeric JavaScript Non-alpha without parentheses The six character wall Infinity and beyond Summary Chapter eight - XSS Closing scripts Comments inside scripts HTML entities inside SVG script Script without closing script Window name payloads Source maps to create pingbacks New redirection sink JavaScript comments New lines Whitespace Dynamic imports XHTML namespace in XML SVG uploads SVG use elements HTML entities Events Summary Credits Have you ever wondered how a hacker approaches finding flaws in the browser and JavaScript? This book shares the thought processes and gives you tools to find your own flaws. It shares the basics of JavaScript hacking, then dives in and explains how to construct JavaScript payloads that don't use parentheses. Shows how you can find flaws with fuzzing and how to quickly fuzz millions of characters in seconds. Want to hack the DOM? This book has you covered. Read about various browser SOP bypasses that the author found in detail. No idea about client-side prototype pollution? This is the book for you! Want to learn the latest & greatest XSS techniques? You need to buy this book.

قیمت نهایی

۴۴٬۰۰۰ تومان