- Offensive HTML, SVG, CSS and other Browser-Evil
Trainer Name: Mario Heiderich
Title: Offensive HTML, SVG, CSS and other Browser-Evil
Duration: 4 Days
Dates: 22nd - 25th March 2021
Time: 2.00 PM to 6.00 PM IST
Delivery Mode: via Zoom.us and Discord Platform
Chapter One: History & Basics
- The History of Web Security and Web Attacks
- The History of Browsers
Chapter Two: Cookies, Sessions, XSS
- Cookies & Sessions
- Same Origin Policy
- Authentication & Authorization
- The Basics of Cross-Site Scripting
Chapter Three: Advanced XSS
- Advanced XSS
- mXSS and DOM Mutations
Chapter Four: Browsers & Beyond
- The DOM
- DOM Clobbering & DOM XSS
- jQuery, Expression Injections, AngularJS
- postMessage XSS
- Flash Security
Who should attend?
The lecture is offered as a block event. The lecture is explicitly also suitable for students who have already heard XML- und Webservicesicherheit/Websicherheit and want to deepen their knowledge.
What to bring?
- A Laptop, OS doesn't matter
- Working Internet Connection
What to Expect?
Upon successful completion of the module, students will have a comprehensive understanding of the technical aspects of web and browser security. They have acquired a comprehensive understanding of systems for complex web applications. Through independent considerations and their implementation in practical projects to improve network security, students prepare for their role in professional life. They can analyse new problems and develop new solutions. They can argue the benefits of the solutions they have developed.
About the Trainer
Mario Heiderich, handsome heart-breaker, bon-vivant and (as he loves to call himself) "security researcher" is from Berlin, likes everything between lesser- and greater-than, leads the small yet exquisite pen-test company called Cure53 and pesters peaceful attendees on various 5th tier conferences with his hastily assembled powerpoint-slides. Mario recently watched a movie about Chitty the robot and then decided it's time to give a talk in India again.