JavaScript For Hackers
JOAS ANTONIO
Details
This PDF is based on content from PenTest Academy and other professionals;
credits are placed on the respective pages.
LinkedIn: https://www.linkedin.com/in/joas-antonio-dos-santos
Courses JavaScript for PenTest
https://www.pentesteracademy.com/course?id=11
https://www.youtube.com/watch?v=FTeE3OrTNoA
https://www.youtube.com/watch?v=HptfL5WRYF8
https://www.youtube.com/watch?v=-UPRQBQV5Lo
https://www.youtube.com/watch?v=mG0Sm0GQ6ck&list=PL9w1Wxb9TxnO4_0j5NJ7zYG0WBpM8UDLs
https://www.udemy.com/course/ethical-hacking-with-python-javascript-and-kali-linux/
XSS for PenTest – Boku7
GitHub: https://github.com/boku7
The code shown in the next slides was created by boku7.
XHR-formHarvester.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/XHR-formHarvester.js
XSS-XHR-CSRF-UploadFile-PHPwebshell.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/XSS-XHR-CSRF-UploadFile-PHPwebshell.js
XSS-XHR-WebShellUpload.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/XSS-XHR-WebShellUpload.js
XSS-XHR.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/XSS-XHR.js
alert-cookie.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/alert-cookie.js
autoComplete-Harvester.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/autoComplete-Harvester.js
bannerMod-deface.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/bannerMod-deface.js
changeAllLinks.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/changeAllLinks.js
clickJacker.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/clickJacker.js
cookieHarvester.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/clickJacker.js
eventListener-alert.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/eventListener-alert.js
formHijack-credHarverter.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/formHijack-credHarverter.js
js2remoteScriptSource.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/js2remoteScriptSource.js
keylogger-keyHarvester.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/keylogger-keyHarvester.js
remote-alertCookie.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/remote-alertCookie.js
remote-onSubmit-FormJack-XHR.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/remote-onSubmit-FormJack-XHR.js
remoteScriptSource.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/remoteScriptSource.js
replaceImage.js
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/replaceImage.js
Urlencoder.py
https://github.com/boku7/XSS-Clientside-Attacks/blob/master/urlencoder.py
JavaScript Collection
https://github.com/bupt007/pentester-for-javascript-
https://github.com/pownjs/pown
https://github.com/gabemarshall/Brosec
https://github.com/roccomuso/netcat
https://github.com/Shmakov/Honeypot
https://github.com/silverwind/default-gateway
https://github.com/cybersecurity-acmgmrit/Javascript-Pentesting
https://github.com/HynekPetrak/javascript-malware-collection
https://github.com/geeksonsecurity/js-malicious-dataset
https://github.com/CapacitorSet/box-js
https://github.com/koto/owasp-malicious-javascript
JavaScript DOM XSS
Source: An input that could be controlled by an external (untrusted) source.
Sink: A potentially dangerous method that could lead to a vulnerability, in this case DOM-based XSS.
Awesome Payloads
Some less detected event handlers
Some HTML Tags that you will be using
https://github.com/s0md3v/AwesomeXSS
JSHacking – Ankur8931
GitHub: https://github.com/ankur8931
The code shown in the next slides was created by Ankur8931.
1. form-submit.js - Hijacking form submit
2. social-engg.js - Social engineering exploit to hijack form submit and redirect to a different page
3. mouse-click.js - Capturing mouse click events and redirecting to a different page
4. keylogger.js - Logging keystrokes to SimpleHTTPServer running on port 9000
5. event-listener.js - Listen to form submit event and show password in the pop-up alert box
6. external.js - Running external JS from script source to bypass any code limitation checks
7. external-noscript.js - Include external JavaScript without using script tags
8. replace-img.js - Replace old image with new image in JS
9. autocomplete-timer.js - Wait for 10s and submit the form to the attacker server
11. xmlhttpreq-fetch.js - Fetch email from provided URL using XML HTTP request
12. data-exfil.js - Exfiltration of credit card information to the attacker server
13. csrf-token.js - Extract CSRF token and submit to web
14. csrf-token-uid.js - Extract the email using UID and CSRF token. Display the email address on the page.
15. html-parsing.js - Parse HTML response by exploiting XSS and insert address into div result
16. multi-level-html.js - Extract credit card number via multi-level HTML documents and post to the server
17. multi-json.js - Multi-level JSON parsing and displaying information in the div element result
18. multi-xml.js - Multi-level XML parsing and displaying information in div element result