2 Videos for postMessage() III

PRO
Tier
difficulty_medium_icon
Medium
clock icon
< 1 Hr.
number of users completed icon
957
badge icon
Orange Badge
image of exercise postMessage() III - Introduction
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
postMessage() III - Introduction

In this video, we cover the exercise postMessage III on postMessage in JavaScript and Event Listener. Learn how to securely enable communication between windows without going through the server and understand the risks of cross-site scripting (XSS) when security checks are bypassed.

video duration icon04:30 number of views icon1073

 

image of exercise postMessage() III: Exploitation
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
postMessage() III: Exploitation

In this video, we dive into the exploitation of the postMessage vulnerability in a web application. We explore how to manipulate the postMessage functionality to execute cross-site scripting (XSS) attacks and ultimately steal user cookies.

video duration icon09:46 number of views icon1822