Description

Book Synopsis
Hackers exploit browser vulnerabilities to attack deep within networks

The Browser Hacker''s Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

The web browser has become the most popular and widely used computer program in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker''s Handbook thoroughly covers complex security issues and explores relevant topics such as:

  • Bypass

    Table of Contents

    Introduction xv

    Chapter 1 Web Browser Security 1

    A Principal Principle 2

    Exploring the Browser 3

    Symbiosis with the Web Application 4

    Same Origin Policy 4

    HTTP Headers 5

    Markup Languages 5

    Cascading Style Sheets 6

    Scripting 6

    Document Object Model 7

    Rendering Engines 7

    Geolocation 9

    Web Storage 9

    Cross-origin Resource Sharing 9

    Html 5 10

    Vulnerabilities 11

    Evolutionary Pressures 12

    HTTP Headers 13

    Reflected XSS Filtering 15

    Sandboxing 15

    Anti-phishing and Anti-malware 16

    Mixed Content 17

    Core Security Problems 17

    Attack Surface 17

    Surrendering Control 20

    TCP Protocol Control 20

    Encrypted Communication 20

    Same Origin Policy 21

    Fallacies 21

    Browser Hacking Methodology 22

    Summary 28

    Questions 28

    Notes 29

    Chapter 2 Initiating Control 31

    Understanding Control Initiation 32

    Control Initiation Techniques 32

    Using Cross-site Scripting Attacks 32

    Using Compromised Web Applications 46

    Using Advertising Networks 46

    Using Social Engineering Attacks 47

    Using Man-in-the-Middle Attacks 59

    Summary 72

    Questions 73

    Notes 73

    Chapter 3 Retaining Control 77

    Understanding Control Retention 78

    Exploring Communication Techniques 79

    Using XMLHttpRequest Polling 80

    Using Cross-origin Resource Sharing 83

    Using WebSocket Communication 84

    Using Messaging Communication 86

    Using DNS Tunnel Communication 89

    Exploring Persistence Techniques 96

    Using IFrames 96

    Using Browser Events 98

    Using Pop-Under Windows 101

    Using Man-in-the-Browser Attacks 104

    Evading Detection 110

    Evasion using Encoding 111

    Evasion using Obfuscation 116

    Summary 125

    Questions 126

    Notes 127

    Chapter 4 Bypassing the Same Origin Policy 129

    Understanding the Same Origin Policy 130

    Understanding the SOP with the DOM 130

    Understanding the SOP with CORS 131

    Understanding the SOP with Plugins 132

    Understanding the SOP with UI Redressing 133

    Understanding the SOP with Browser History 133

    Exploring SOP Bypasses 134

    Bypassing SOP in Java 134

    Bypassing SOP in Adobe Reader 140

    Bypassing SOP in Adobe Flash 141

    Bypassing SOP in Silverlight 142

    Bypassing SOP in Internet Explorer 142

    Bypassing SOP in Safari 143

    Bypassing SOP in Firefox 144

    Bypassing SOP in Opera 145

    Bypassing SOP in Cloud Storage 149

    Bypassing SOP in CORS 150

    Exploiting SOP Bypasses 151

    Proxying Requests 151

    Exploiting UI Redressing Attacks 153

    Exploiting Browser History 170

    Summary 178

    Questions 179

    Notes 179

    Chapter 5 Attacking Users 183

    Defacing Content 183

    Capturing User Input 187

    Using Focus Events 188

    Using Keyboard Events 190

    Using Mouse and Pointer Events 192

    Using Form Events 195

    Using IFrame Key Logging 196

    Social Engineering 197

    Using TabNabbing 198

    Using the Fullscreen 199

    Abusing UI Expectations 204

    Using Signed Java Applets 223

    Privacy Attacks 228

    Non-cookie Session Tracking 230

    Bypassing Anonymization 231

    Attacking Password Managers 234

    Controlling the Webcam and Microphone 236

    Summary 242

    Questions 243

    Notes 243

    Chapter 6 Attacking Browsers 247

    Fingerprinting Browsers 248

    Fingerprinting using HTTP Headers 249

    Fingerprinting using DOM Properties 253

    Fingerprinting using Software Bugs 258

    Fingerprinting using Quirks 259

    Bypassing Cookie Protections 260

    Understanding the Structure 261

    Understanding Attributes 263

    Bypassing Path Attribute Restrictions 265

    Overflowing the Cookie Jar 268

    Using Cookies for Tracking 270

    Sidejacking Attacks 271

    Bypassing HTTPS 272

    Downgrading HTTPS to HTTP 272

    Attacking Certificates 276

    Attacking the SSL/TLS Layer 277

    Abusing Schemes 278

    Abusing iOS 279

    Abusing the Samsung Galaxy 281

    Attacking JavaScript 283

    Attacking Encryption in JavaScript 283

    JavaScript and Heap Exploitation 286

    Getting Shells using Metasploit 293

    Getting Started with Metasploit 294

    Choosing the Exploit 295

    Executing a Single Exploit 296

    Using Browser Autopwn 300

    Using BeEF with Metasploit 302

    Summary 305

    Questions 305

    Notes 306

    Chapter 7 Attacking Extensions 311

    Understanding Extension Anatomy 312

    How Extensions Differ from Plugins 312

    How Extensions Differ from Add-ons 313

    Exploring Privileges 313

    Understanding Firefox Extensions 314

    Understanding Chrome Extensions 321

    Discussing Internet Explorer Extensions 330

    Fingerprinting Extensions 331

    Fingerprinting using HTTP Headers 331

    Fingerprinting using the DOM 332

    Fingerprinting using the Manifest 335

    Attacking Extensions 336

    Impersonating Extensions 336

    Cross-context Scripting 339

    Achieving OS Command Execution 355

    Achieving OS Command Injection 359

    Summary 364

    Questions 365

    Notes 365

    Chapter 8 Attacking Plugins 371

    Understanding Plugin Anatomy 372

    How Plugins Differ from Extensions 372

    How Plugins Differ from Standard Programs 374

    Calling Plugins 374

    How Plugins are Blocked 376

    Fingerprinting Plugins 377

    Detecting Plugins 377

    Automatic Plugin Detection 379

    Detecting Plugins in BeEF 380

    Attacking Plugins 382

    Bypassing Click to Play 382

    Attacking Java 388

    Attacking Flash 400

    Attacking ActiveX Controls 403

    Attacking PDF Readers 408

    Attacking Media Plugins 410

    Summary 415

    Questions 416

    Notes 416

    Chapter 9 Attacking Web Applications 421

    Sending Cross-origin Requests 422

    Enumerating Cross-origin Quirks 422

    Preflight Requests 425

    Implications 425

    Cross-origin Web Application Detection 426

    Discovering Intranet Device IP Addresses 426

    Enumerating Internal Domain Names 427

    Cross-origin Web Application Fingerprinting 429

    Requesting Known Resources 430

    Cross-origin Authentication Detection 436

    Exploiting Cross-site Request Forgery 440

    Understanding Cross-site Request Forgery 440

    Attacking Password Reset with XSRF 443

    Using CSRF Tokens for Protection 444

    Cross-origin Resource Detection 445

    Cross-origin Web Application Vulnerability Detection 450

    SQL Injection Vulnerabilities 450

    Detecting Cross-site Scripting Vulnerabilities 465

    Proxying through the Browser 469

    Browsing through a Browser 472

    Burp through a Browser 477

    Sqlmap through a Browser 480

    Browser through Flash 482

    Launching Denial-of-Service Attacks 487

    Web Application Pinch Points 487

    DDoS Using Multiple Hooked Browsers 489

    Launching Web Application Exploits 493

    Cross-origin DNS Hijack 493

    Cross-origin JBoss JMX Remote Command Execution 495

    Cross-origin GlassFish Remote Command Execution 497

    Cross-origin m0n0wall Remote Command Execution 501

    Cross-origin Embedded Device Command Execution 502

    Summary 508

    Questions 508

    Notes 509

    Chapter 10 Attacking Networks 513

    Identifying Targets 514

    Identifying the Hooked Browser’s Internal IP 514

    Identifying the Hooked Browser’s Subnet 520

    Ping Sweeping 523

    Ping Sweeping using XMLHttpRequest 523

    Ping Sweeping using Java 528

    Port Scanning 531

    Bypassing Port Banning 532

    Port Scanning using the IMG Tag 537

    Distributed Port Scanning 539

    Fingerprinting Non-HTTP Services 542

    Attacking Non-HTTP Services 545

    NAT Pinning 545

    Achieving Inter-protocol Communication 549

    Achieving Inter-protocol Exploitation 564

    Getting Shells using BeEF Bind 579

    The BeEF Bind Shellcode 579

    Using BeEF Bind in your Exploits 585

    Using BeEF Bind as a Web Shell 596

    Summary 599

    Questions 600

    Notes 601

    Chapter 11 Epilogue: Final Thoughts 605

    Index 609

The Browser Hackers Handbook

Product form

£42.75

Includes FREE delivery

RRP £45.00 – you save £2.25 (5%)

Order before 4pm tomorrow for delivery by Mon 19 Jan 2026.

A Paperback / softback by Wade Alcorn, Christian Frichot, Michele Orru

15 in stock


    View other formats and editions of The Browser Hackers Handbook by Wade Alcorn

    Publisher: John Wiley & Sons Inc
    Publication Date: 08/04/2014
    ISBN13: 9781118662090, 978-1118662090
    ISBN10: 1118662091
    Also in:
    Computer networking and communications

    Description

    Book Synopsis
    Hackers exploit browser vulnerabilities to attack deep within networks

    The Browser Hacker''s Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

    The web browser has become the most popular and widely used computer program in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker''s Handbook thoroughly covers complex security issues and explores relevant topics such as:

    • Bypass

      Table of Contents

      Introduction xv

      Chapter 1 Web Browser Security 1

      A Principal Principle 2

      Exploring the Browser 3

      Symbiosis with the Web Application 4

      Same Origin Policy 4

      HTTP Headers 5

      Markup Languages 5

      Cascading Style Sheets 6

      Scripting 6

      Document Object Model 7

      Rendering Engines 7

      Geolocation 9

      Web Storage 9

      Cross-origin Resource Sharing 9

      Html 5 10

      Vulnerabilities 11

      Evolutionary Pressures 12

      HTTP Headers 13

      Reflected XSS Filtering 15

      Sandboxing 15

      Anti-phishing and Anti-malware 16

      Mixed Content 17

      Core Security Problems 17

      Attack Surface 17

      Surrendering Control 20

      TCP Protocol Control 20

      Encrypted Communication 20

      Same Origin Policy 21

      Fallacies 21

      Browser Hacking Methodology 22

      Summary 28

      Questions 28

      Notes 29

      Chapter 2 Initiating Control 31

      Understanding Control Initiation 32

      Control Initiation Techniques 32

      Using Cross-site Scripting Attacks 32

      Using Compromised Web Applications 46

      Using Advertising Networks 46

      Using Social Engineering Attacks 47

      Using Man-in-the-Middle Attacks 59

      Summary 72

      Questions 73

      Notes 73

      Chapter 3 Retaining Control 77

      Understanding Control Retention 78

      Exploring Communication Techniques 79

      Using XMLHttpRequest Polling 80

      Using Cross-origin Resource Sharing 83

      Using WebSocket Communication 84

      Using Messaging Communication 86

      Using DNS Tunnel Communication 89

      Exploring Persistence Techniques 96

      Using IFrames 96

      Using Browser Events 98

      Using Pop-Under Windows 101

      Using Man-in-the-Browser Attacks 104

      Evading Detection 110

      Evasion using Encoding 111

      Evasion using Obfuscation 116

      Summary 125

      Questions 126

      Notes 127

      Chapter 4 Bypassing the Same Origin Policy 129

      Understanding the Same Origin Policy 130

      Understanding the SOP with the DOM 130

      Understanding the SOP with CORS 131

      Understanding the SOP with Plugins 132

      Understanding the SOP with UI Redressing 133

      Understanding the SOP with Browser History 133

      Exploring SOP Bypasses 134

      Bypassing SOP in Java 134

      Bypassing SOP in Adobe Reader 140

      Bypassing SOP in Adobe Flash 141

      Bypassing SOP in Silverlight 142

      Bypassing SOP in Internet Explorer 142

      Bypassing SOP in Safari 143

      Bypassing SOP in Firefox 144

      Bypassing SOP in Opera 145

      Bypassing SOP in Cloud Storage 149

      Bypassing SOP in CORS 150

      Exploiting SOP Bypasses 151

      Proxying Requests 151

      Exploiting UI Redressing Attacks 153

      Exploiting Browser History 170

      Summary 178

      Questions 179

      Notes 179

      Chapter 5 Attacking Users 183

      Defacing Content 183

      Capturing User Input 187

      Using Focus Events 188

      Using Keyboard Events 190

      Using Mouse and Pointer Events 192

      Using Form Events 195

      Using IFrame Key Logging 196

      Social Engineering 197

      Using TabNabbing 198

      Using the Fullscreen 199

      Abusing UI Expectations 204

      Using Signed Java Applets 223

      Privacy Attacks 228

      Non-cookie Session Tracking 230

      Bypassing Anonymization 231

      Attacking Password Managers 234

      Controlling the Webcam and Microphone 236

      Summary 242

      Questions 243

      Notes 243

      Chapter 6 Attacking Browsers 247

      Fingerprinting Browsers 248

      Fingerprinting using HTTP Headers 249

      Fingerprinting using DOM Properties 253

      Fingerprinting using Software Bugs 258

      Fingerprinting using Quirks 259

      Bypassing Cookie Protections 260

      Understanding the Structure 261

      Understanding Attributes 263

      Bypassing Path Attribute Restrictions 265

      Overflowing the Cookie Jar 268

      Using Cookies for Tracking 270

      Sidejacking Attacks 271

      Bypassing HTTPS 272

      Downgrading HTTPS to HTTP 272

      Attacking Certificates 276

      Attacking the SSL/TLS Layer 277

      Abusing Schemes 278

      Abusing iOS 279

      Abusing the Samsung Galaxy 281

      Attacking JavaScript 283

      Attacking Encryption in JavaScript 283

      JavaScript and Heap Exploitation 286

      Getting Shells using Metasploit 293

      Getting Started with Metasploit 294

      Choosing the Exploit 295

      Executing a Single Exploit 296

      Using Browser Autopwn 300

      Using BeEF with Metasploit 302

      Summary 305

      Questions 305

      Notes 306

      Chapter 7 Attacking Extensions 311

      Understanding Extension Anatomy 312

      How Extensions Differ from Plugins 312

      How Extensions Differ from Add-ons 313

      Exploring Privileges 313

      Understanding Firefox Extensions 314

      Understanding Chrome Extensions 321

      Discussing Internet Explorer Extensions 330

      Fingerprinting Extensions 331

      Fingerprinting using HTTP Headers 331

      Fingerprinting using the DOM 332

      Fingerprinting using the Manifest 335

      Attacking Extensions 336

      Impersonating Extensions 336

      Cross-context Scripting 339

      Achieving OS Command Execution 355

      Achieving OS Command Injection 359

      Summary 364

      Questions 365

      Notes 365

      Chapter 8 Attacking Plugins 371

      Understanding Plugin Anatomy 372

      How Plugins Differ from Extensions 372

      How Plugins Differ from Standard Programs 374

      Calling Plugins 374

      How Plugins are Blocked 376

      Fingerprinting Plugins 377

      Detecting Plugins 377

      Automatic Plugin Detection 379

      Detecting Plugins in BeEF 380

      Attacking Plugins 382

      Bypassing Click to Play 382

      Attacking Java 388

      Attacking Flash 400

      Attacking ActiveX Controls 403

      Attacking PDF Readers 408

      Attacking Media Plugins 410

      Summary 415

      Questions 416

      Notes 416

      Chapter 9 Attacking Web Applications 421

      Sending Cross-origin Requests 422

      Enumerating Cross-origin Quirks 422

      Preflight Requests 425

      Implications 425

      Cross-origin Web Application Detection 426

      Discovering Intranet Device IP Addresses 426

      Enumerating Internal Domain Names 427

      Cross-origin Web Application Fingerprinting 429

      Requesting Known Resources 430

      Cross-origin Authentication Detection 436

      Exploiting Cross-site Request Forgery 440

      Understanding Cross-site Request Forgery 440

      Attacking Password Reset with XSRF 443

      Using CSRF Tokens for Protection 444

      Cross-origin Resource Detection 445

      Cross-origin Web Application Vulnerability Detection 450

      SQL Injection Vulnerabilities 450

      Detecting Cross-site Scripting Vulnerabilities 465

      Proxying through the Browser 469

      Browsing through a Browser 472

      Burp through a Browser 477

      Sqlmap through a Browser 480

      Browser through Flash 482

      Launching Denial-of-Service Attacks 487

      Web Application Pinch Points 487

      DDoS Using Multiple Hooked Browsers 489

      Launching Web Application Exploits 493

      Cross-origin DNS Hijack 493

      Cross-origin JBoss JMX Remote Command Execution 495

      Cross-origin GlassFish Remote Command Execution 497

      Cross-origin m0n0wall Remote Command Execution 501

      Cross-origin Embedded Device Command Execution 502

      Summary 508

      Questions 508

      Notes 509

      Chapter 10 Attacking Networks 513

      Identifying Targets 514

      Identifying the Hooked Browser’s Internal IP 514

      Identifying the Hooked Browser’s Subnet 520

      Ping Sweeping 523

      Ping Sweeping using XMLHttpRequest 523

      Ping Sweeping using Java 528

      Port Scanning 531

      Bypassing Port Banning 532

      Port Scanning using the IMG Tag 537

      Distributed Port Scanning 539

      Fingerprinting Non-HTTP Services 542

      Attacking Non-HTTP Services 545

      NAT Pinning 545

      Achieving Inter-protocol Communication 549

      Achieving Inter-protocol Exploitation 564

      Getting Shells using BeEF Bind 579

      The BeEF Bind Shellcode 579

      Using BeEF Bind in your Exploits 585

      Using BeEF Bind as a Web Shell 596

      Summary 599

      Questions 600

      Notes 601

      Chapter 11 Epilogue: Final Thoughts 605

      Index 609

    Recently viewed products

    © 2026 Book Curl

      • American Express
      • Apple Pay
      • Diners Club
      • Discover
      • Google Pay
      • Maestro
      • Mastercard
      • PayPal
      • Shop Pay
      • Union Pay
      • Visa

      Login

      Forgot your password?

      Don't have an account yet?
      Create account