The Browser Hacker's Handbook

By Wade Alcorn, Christian Frichot, Michele Orru

List Price: $55.00
Price: $43.93


Average customer review:
(17 customer reviews)

Product Description

Hackers exploit browser vulnerabilities to attack deep within networks

The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:

  • Bypassing the Same Origin Policy
  • ARP spoofing, social engineering, and phishing to access browsers
  • DNS tunneling, attacking web applications, and proxying—all from the browser
  • Exploiting the browser and its ecosystem (plugins and extensions)
  • Cross-origin attacks, including Inter-protocol Communication and Exploitation

The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component of any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.

Product Details

  • Amazon Sales Rank: #239624 in Books
  • Brand: imusti
  • Published on: 2014-03-24
  • Original language: English
  • Number of items: 1
  • Dimensions: 9.30" h x 1.20" w x 7.40" l, 2.35 pounds
  • Binding: Paperback
  • 648 pages
  • Wiley

Editorial Reviews

From the Back Cover

Browsers have never been more vulnerable.
Are you prepared?

The browser has essentially become the operating system of the modern era, and with that comes vulnerabilities on a scale not yet seen in IT security. The Browser Hacker’s Handbook, written by an expert team of browser hackers, is the first book of its kind to offer a tutorial-based approach to understanding browser vulnerabilities and learning to defend your networks and critical systems from potential attacks.

This comprehensive guide will show you exactly how hackers target browsers and exploit their weaknesses to establish a beachhead and launch attacks deep into your network. Fight back with The Browser Hacker’s Handbook.

Learn to:

  • Exploit the most common vulnerabilities of Firefox®, Internet Explorer®, and Chrome™, as well as other browsers
  • Leverage browsers as pivot points into a target’s network when performing security assessments
  • Initiate—and maintain—control over a target browser, giving you direct access to sensitive assets
  • Exploit weaknesses in browser plugins and extensions, two of the most vulnerable entry points for the browser
  • Use Inter-protocol Communication and Exploitation to further exploit internal network systems from the hooked browser

Visit the companion website at to download all the code examples in this book.

About the Author

WADE ALCORN is the creator of the BeEF open source browser exploitation framework, among’s top 10 security tools.

CHRISTIAN FRICHOT is a lead developer of BeEF, as well as a leader of the Perth Open Web Application Security Project.

MICHELE ORRÙ is the lead core developer of BeEF, as well as a vulnerability researcher and social engineer.

Customer Reviews

Most helpful customer reviews

2 of 2 people found the following review helpful.
5 stars: Great reference. I will keep referring to this book constantly in my line of work.
By Rob53
This book had a ton more info than I expected. Some of it was a little too advanced for my current level of skills but that just means that I now know what I need to study more. I see this book as a reference to have close by at all times. This book covers more about browsers than I ever cared to know; I highly recommend this reading to anyone wanting to improve your browser exploit knowledge.

0 of 0 people found the following review helpful.
5 stars: One of the best in this field
By Tave
One of the best in this field. Are there any other books about browser exploitation? I've seen none. I got a lot from this book, I mean in practice. I didn't even need working samples, as someone complained below (and rank it with 1 star). The main thing about this book is that it gives the ideas of how to do it. It teaches fishing, not fishes for you. If you are an IT engineer you can easily repeat all that is explained in this book. Thank you, Wade Alcorn!

0 of 0 people found the following review helpful.
5 stars: Impressive depth covering modern browser insecurity
By Andy Johnson
If you are interested in knowing how crackers are breaching the thin shells corporations have constructed as their primary defense, this is a great read. I hope more of this material is read and we see more aggressive egress monitoring/filtering in our future networks.
