Orange Badge
390 Completed
22 Videos
15 Exercises
The orange badge is our third set of exercises. It covers a wide range of vulnerabilities targetting other clients of the applications (XSS, CSRF, CORS...)
Exercises
Medium
PENTESTERLAB
postMessage() IV
- This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin and X-Frame-Options is used
- 1 video
- Completed by 876 students
- Takes < 1 Hr. on average
- HTML/Javascript