https://ahessmat.netlify.com/tags/keylogger/Recent content in keylogger on Asa's WebsiteHugo -- gohugo.ioen-usFri, 05 Mar 2021 19:48:49 +0000https://ahessmat.netlify.com/post/2021-03-review-javascript-for-pentesters/Fri, 05 Mar 2021 19:48:49 +0000https://ahessmat.netlify.com/post/2021-03-review-javascript-for-pentesters/Preamble I just finished the “Javascript for Pentesters” course offered by PentesterAcademy. I found it to be an effective refresher in injecting Javascript and manipulating the Document Object Model (DOM). However, it was woefully thin on educational material. The course is composed of 21 Tasks that progressively build upon each other. Initially, the attacker is simply editing the DOM; overtime, this goes into hijacking Cross-Site Request Forgery (CSRF) tokens, working with JSON-formatted string data, and passing data to an attacker controlled webserver.