Hacking with WebSockets

Channel:

All Hacking Cons

Subscribers:

5,970

Published on December 30, 2021 8:35:42 PM ● Video Link: https://www.youtube.com/watch?v=JEGSGWjBVBM

Duration: 53:07

195 views

HTML5 isn't just for watching videos on your iPad. Its features may be the target of a security attack as much as they may be used to improve an attack. Vulnerabilities like XSS have been around since the web's beginning, but exploiting them has become increasingly sophisticated. HTML5 features like WebSockets are part of the framework for controlling browsers compromised by XSS.

This presentation provides an overview of WebSockets. How they might increase the attack surface of a web site, their implications for privacy, and the potential security problems with protocols tunneled over them. Then it demonstrates how WebSockets can be used as an effective part of a hacking framework.

It closes with recommendations for deploying WebSockets securely, applying security principles to web app design, and providing a tool for exploring WebSockets security.
Presented By:
Sergey Shekyan
Vaagn Toukharian
Black Hat - USA - 2012 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security

Other Videos By All Hacking Cons

2021-12-31	Changing the Security Paradigm... Taking back your network and bringing pain to the adversary
2021-12-30	There's a party at ring0 Tavis Ormandy, Julien Tinnes
2021-12-30	Ushering in the post GRC world applied threat modeling Alex Hutton, Allison Miller
2021-12-30	USB Paul carugati
2021-12-30	The future of DNS Security Panel
2021-12-30	CuteCats exe and the Arab Spring
2021-12-30	Hacking the Corporare Mind: using social engineering tactics to improve organizational security
2021-12-30	Legal Aspects of Cyberspace Operations
2021-12-30	Meeting Yaniv Karta
2021-12-30	A stitch in time saves nine: A Case of Multiple Operation System Vurnarability
2021-12-30	Hacking with WebSockets
2021-12-30	Dex Education: Practicing safe Dex
2021-12-30	Dont stand so close to me: an analysis of the NFC attack surface
2021-12-30	Looking into the Eye of the Meter
2021-12-30	Errata Hits Puberty: 13 years of chagrin
2021-12-30	Hardware Backdooring is practical
2021-12-30	Package Clone Detection
2021-12-30	Evasion of Webapplication
2021-12-30	MAC EFI Rootkits
2021-12-30	Passive Bluetooth Monitoring
2021-12-30	HTML5 Threats

Tags:

data

hacker

security

computer

cyber

internet

technology

hacking

attack

digital

information

hack

password

code

concept

protection

network

scam

malware

secure

identity

criminal

phishing

software

access

safety

theft

system

firewall

communication

business

privacy

binary

account

spy

programmer

program

spyware

hacked

hacking conference

conference

learn

how to

2022

cybersecurity

owned

break in

google

securing

exploit

exploitation

recon

social engineering

Sergey Shekyan

Vaagn Toukharian

Channel	Latest
IntroGameOver	11 hours ago
Beyond the Brick	12 hours ago
alanzoka	12 hours ago
CarbotAnimations	13 hours ago
UpUpDownDown	14 hours ago
Sey Senpai	16 hours ago
Thinknoodles	16 hours ago
BeastBoyShub	16 hours ago
RC Kowters	17 hours ago
Andre Nicholas	17 hours ago
XOTICTRE	17 hours ago
Anikilo - Squad Busters	17 hours ago
BUMNOX	17 hours ago
Tin2x Mix Vlog	17 hours ago
xHedi92x	17 hours ago
ALL SERIES	17 hours ago
Wolf Rider Gamerz	17 hours ago
Fragilistic	17 hours ago
Onua966	17 hours ago
Perimlbb	18 hours ago
BimbimFun!	18 hours ago
NBC長崎放送	18 hours ago
Michelle eniva conde	18 hours ago
ARMY GAMERS	18 hours ago
Chappa Games	18 hours ago