Course

This module focuses on identifying and exploiting CSRF and XSS vulnerabilities in modern web applications, examining contemporary defense mechanisms in detail along with the techniques used to circumvent them. Specifically, we will craft XSS payloads that achieve engagement objectives such as data exfiltration, victim impersonation, and execution of state-changing actions within a web application. Additionally, we will learn how to enumerate and exploit vulnerabilities in web applications located on victims' internal networks.

In more detail, this module covers the following:

  • CSRF Exploitation:
    • What is the Same-Origin Policy?
    • What is Cross-Origin Resource Sharing (CORS)?
    • Exploitation of CORS misconfigurations
    • Bypassing weak CSRF defenses
  • Exploiting CSRF via XSS:
    • Exfiltrating data from the victim's session
    • Performing state-changing actions from the victim's session
    • Enumerating internal web applications
    • Exploiting internal web applications
    • What is a Content Security Policy (CSP)?
    • Bypassing weak CSPs
    • Bypassing weak XSS filters

This module is broken into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover. The module ends with a practical hands-on skills assessment to gauge your understanding of the various topic areas.

You can start and stop the module anytime and pick up where you left off. There is no time limit or "grading", but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.

As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to further reinforce the concepts presented in each section. You can do this in the PwnBox provided in the interactive sections or in your own virtual machine.
