User data is processed every single day by modern web applications. Think about PDFs, images, and links. They are everywhere. What’s more – they can be used to hack your web applications and obviously you don’t want that to happen.

In this course you will learn how your web applications can be hacked via PDFs, images, and links. You will also learn how to check if your web applications are vulnerable to these attacks. First, I’ll show you how an attacker can steal a user’s sensitive data via a PDF. Next, I’ll present how the attacker can launch an XSS attack via an image. Finally, I’ll demonstrate how the attacker can launch a user redirection attack via a link (using window.opener tabnabbing).

For every single attack there is a DEMO so that you can see, step-by-step, how these attacks work in practice. I hope this sounds good to you and I can’t wait to see you in the class.

Note: you can get paid for these bugs in bug bounty programs.