The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.
The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:
- Bypassing the Same Origin Policy
- ARP spoofing, social engineering, and phishing to access browsers
- DNS tunneling, attacking web applications, and proxying—all from the browser
- Exploiting the browser and its ecosystem (plugins and extensions)
- Cross-origin attacks, including Inter-protocol Communication and Exploitation
The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component into any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.
From the Back Cover
Browsers have never been more vulnerable.
Are you prepared?
The browser has essentially become the operating system of the modern era, and with that comes vulnerabilities on a scale not yet seen in IT security. The Browser Hacker’s Handbook, written by an expert team of browser hackers, is the first book of its kind to offer a tutorial-based approach to understanding browser vulnerabilities and learning to defend your networks and critical systems from potential attacks.
This comprehensive guide will show you exactly how hackers target browsers and exploit their weaknesses to establish a beachhead and launch attacks deep into your network. Fight back with The Browser Hacker’s Handbook.
- Exploit the most common vulnerabilities of Firefox®, Internet Explorer®, and Chrome™, as well as other browsers
- Leverage browsers as pivot points into a target’s network when performing security assessments
- Initiate—and maintain—control over a target browser, giving you direct access to sensitive assets
- Exploit weaknesses in browser plugins and extensions, two of the most vulnerable entry points for the browser
- Use Inter-protocol Communication and Exploitation to further exploit internal network systems from the hooked browser
Visit the companion website at browserhacker.com to download all the code examples in this book.