How to Execute Javascript on the URL bar in Modern Browsers
Author: Jeremy Druin Twitter: @webpwnized Description: A user or pen-tester can execute JavaScript on any web page but this became more difficult after Firefox 6. The URL bar no longer allows execution of JavaScript. The about:config allows the URL bar to be reactivated, but there are other options. In this video, we use Firebug add-on for Firefox to provide a JavaScript command line suitible for pen-testing. Mutillidae is a free, open source web application that contains dozens of web app vulnerabilities from the OWASP Top Ten and beyond. The application is a safe, easy-to-use practice target for pen-testers, security enthusiasts, and students. Mutillidae contains 3 levels of defenses, hints, and instructions so it is ideal for those starting out in web pen-testing. Mutillidae is available from Sourceforge. Updates are tweeted to @webpwnized. The webpwnized youtube channel contains videos about using Mutillidae. Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking "Support" at https://www.youtube.com/user/webpwnized! The webpwnized YouTube channel is dedicated to information security, security testing and ethical hacking. There is an emphasis on web application security but many other topics are covers. Some of these include forensics, network security, security testing tools and security testing processes. The channel provides videos to encourage software developers and system administrators to perform security testing. Also, the channel educates the next generation of security testers and bug bounty hunters who want to respectfully, legally and ethically help system owners that allow security testing.
Author: Jeremy Druin Twitter: @webpwnized Description: A user or pen-tester can execute JavaScript on any web page but this became more difficult after Firefox 6. The URL bar no longer allows execution of JavaScript. The about:config allows the URL bar to be reactivated, but there are other options. In this video, we use Firebug add-on for Firefox to provide a JavaScript command line suitible for pen-testing. Mutillidae is a free, open source web application that contains dozens of web app vulnerabilities from the OWASP Top Ten and beyond. The application is a safe, easy-to-use practice target for pen-testers, security enthusiasts, and students. Mutillidae contains 3 levels of defenses, hints, and instructions so it is ideal for those starting out in web pen-testing. Mutillidae is available from Sourceforge. Updates are tweeted to @webpwnized. The webpwnized youtube channel contains videos about using Mutillidae. Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking "Support" at https://www.youtube.com/user/webpwnized! The webpwnized YouTube channel is dedicated to information security, security testing and ethical hacking. There is an emphasis on web application security but many other topics are covers. Some of these include forensics, network security, security testing tools and security testing processes. The channel provides videos to encourage software developers and system administrators to perform security testing. Also, the channel educates the next generation of security testers and bug bounty hunters who want to respectfully, legally and ethically help system owners that allow security testing.