├── Cross-Window-Messanging ├── 1-Example-send ├── 2-Example-Listen-1 ├── 3-Vulnerable-Listener ├── 4-Vulnerable-Listener-2 ├── 5-Vulnerable-Send ├── 6-Facebook-redirect.php-source-code ├── 7-Facebook-proxy_page-source-code └── 8-Facebook-Exploit ├── Dom_XSS ├── 1-Example ├── 2-Example-2 └── 3-Example-3 ├── Injection_Attacks ├── 1-Example ├── 2-Example-Attack1 ├── 3-Example-Dom-Clobbering-1 ├── 4-Example-Dom-Clobbering-2 ├── 5-Example-Markup-Injection ├── 6-Example-Markup-Injection-Exploit └── 7-Example-CSS-Injection ├── Prototye_Pollution ├── 1-Intro ├── 2-Example1 ├── 3-Example2 ├── 4-merge ├── 5-UsingPrototype ├── 6-Hackerone-report-1 ├── 7-Hackerone-report-2 └── 8-Hackerone-report-3 ├── README.md └── Websocket_Attacks ├── 1-Example-Websocket └── 2-Attack-Websocket-Facebook /Cross-Window-Messanging/1-Example-send: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/1-Example-send -------------------------------------------------------------------------------- /Cross-Window-Messanging/2-Example-Listen-1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/2-Example-Listen-1 -------------------------------------------------------------------------------- /Cross-Window-Messanging/3-Vulnerable-Listener: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/3-Vulnerable-Listener -------------------------------------------------------------------------------- /Cross-Window-Messanging/4-Vulnerable-Listener-2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/4-Vulnerable-Listener-2 -------------------------------------------------------------------------------- /Cross-Window-Messanging/5-Vulnerable-Send: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/5-Vulnerable-Send -------------------------------------------------------------------------------- /Cross-Window-Messanging/6-Facebook-redirect.php-source-code: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/6-Facebook-redirect.php-source-code -------------------------------------------------------------------------------- /Cross-Window-Messanging/7-Facebook-proxy_page-source-code: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/7-Facebook-proxy_page-source-code -------------------------------------------------------------------------------- /Cross-Window-Messanging/8-Facebook-Exploit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Cross-Window-Messanging/8-Facebook-Exploit -------------------------------------------------------------------------------- /Dom_XSS/1-Example: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Dom_XSS/1-Example -------------------------------------------------------------------------------- /Dom_XSS/2-Example-2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Dom_XSS/2-Example-2 -------------------------------------------------------------------------------- /Dom_XSS/3-Example-3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Dom_XSS/3-Example-3 -------------------------------------------------------------------------------- /Injection_Attacks/1-Example: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/1-Example -------------------------------------------------------------------------------- /Injection_Attacks/2-Example-Attack1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/2-Example-Attack1 -------------------------------------------------------------------------------- /Injection_Attacks/3-Example-Dom-Clobbering-1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/3-Example-Dom-Clobbering-1 -------------------------------------------------------------------------------- /Injection_Attacks/4-Example-Dom-Clobbering-2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/4-Example-Dom-Clobbering-2 -------------------------------------------------------------------------------- /Injection_Attacks/5-Example-Markup-Injection: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/5-Example-Markup-Injection -------------------------------------------------------------------------------- /Injection_Attacks/6-Example-Markup-Injection-Exploit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/6-Example-Markup-Injection-Exploit -------------------------------------------------------------------------------- /Injection_Attacks/7-Example-CSS-Injection: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Injection_Attacks/7-Example-CSS-Injection -------------------------------------------------------------------------------- /Prototye_Pollution/1-Intro: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/1-Intro -------------------------------------------------------------------------------- /Prototye_Pollution/2-Example1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/2-Example1 -------------------------------------------------------------------------------- /Prototye_Pollution/3-Example2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/3-Example2 -------------------------------------------------------------------------------- /Prototye_Pollution/4-merge: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/4-merge -------------------------------------------------------------------------------- /Prototye_Pollution/5-UsingPrototype: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/5-UsingPrototype -------------------------------------------------------------------------------- /Prototye_Pollution/6-Hackerone-report-1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/6-Hackerone-report-1 -------------------------------------------------------------------------------- /Prototye_Pollution/7-Hackerone-report-2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/7-Hackerone-report-2 -------------------------------------------------------------------------------- /Prototye_Pollution/8-Hackerone-report-3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Prototye_Pollution/8-Hackerone-report-3 -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Code in the presentation could be found here. 2 | -------------------------------------------------------------------------------- /Websocket_Attacks/1-Example-Websocket: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Websocket_Attacks/1-Example-Websocket -------------------------------------------------------------------------------- /Websocket_Attacks/2-Attack-Websocket-Facebook: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/samm0uda/workshop/HEAD/Websocket_Attacks/2-Attack-Websocket-Facebook --------------------------------------------------------------------------------