Join us on May 15 for a live demo of how Burp Suite DAST solves real-world security challenges.            Register Now
Research Academy
My account Customers About Blog Careers Legal Contact Resellers
Back to all learning paths
PRACTITIONER

Clickjacking (UI redressing)

This learning path deals with clickjacking attacks. You'll learn the fundamentals of clickjacking, how to construct basic attacks, and implement server-side and client-side defense strategies.

Contents

Get started: What is clickjacking?

0 of 19

GET STARTED

What is clickjacking? 0 of 2

What is clickjacking? Get started

What is clickjacking? - Continued

How to construct a basic clickjacking attack 0 of 3

How to construct a basic clickjacking attack

How to construct a basic clickjacking attack - Continued

Lab: Basic clickjacking with CSRF token protection APPRENTICE

Clickbandit 0 of 1

Clickbandit

Clickjacking with prefilled form input 0 of 2

Clickjacking with prefilled form input

Lab: Clickjacking with form input data prefilled from a URL parameter APPRENTICE

Frame busting scripts 0 of 3

Frame busting scripts

Frame busting scripts - Continued

Lab: Clickjacking with a frame buster script APPRENTICE

Combining clickjacking with a DOM XSS attack 0 of 2

Combining clickjacking with a DOM XSS attack

Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS PRACTITIONER

Multistep clickjacking 0 of 2

Multistep clickjacking

Lab: Multistep clickjacking PRACTITIONER

How to prevent clickjacking attacks 0 of 1

How to prevent clickjacking attacks

X-Frame-Options 0 of 1

X-Frame-Options

Content Security Policy (CSP) 0 of 2

Content Security Policy (CSP)

Content Security Policy (CSP) - Continued