2 Videos for postMessage() III

PRO
Tier
Medium
1-2 Hrs.
947
Orange Badge
image of exercise postMessage() III - Introduction
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
postMessage() III - Introduction

In this video, we cover the exercise postMessage III on postMessage in JavaScript and Event Listener. Learn how to securely enable communication between windows without going through the server and understand the risks of cross-site scripting (XSS) when security checks are bypassed.

video duration icon04:30 number of views icon1063

 

image of exercise postMessage() III: Exploitation
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
postMessage() III: Exploitation

In this video, we dive into the exploitation of the postMessage vulnerability in a web application. We explore how to manipulate the postMessage functionality to execute cross-site scripting (XSS) attacks and ultimately steal user cookies.

video duration icon09:46 number of views icon1799