CHAPTER 16
Next-Generation Web Application Exploitation
The basics of web exploitation have been covered in previous editions and exhaustively on the Web. However, some of the more advanced techniques are a bit harder to wrap your head around, so in this chapter we’re going to be looking at some of the attack techniques that made headlines from 2014 to 2017. We’ll be digging into these techniques to get a better understanding of the next generation of web attacks.
In particular, this chapter covers the following topics:
• The evolution of cross-site scripting (XSS)
• Framework vulnerabilities
• Padding oracle attacks
The Evolution of Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is one of the most misunderstood web vulnerabilities ...
Get Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.