Web application security - the fast guide 1.1 | Page 158

Chapter 8 - Attack Tools
P a g e | 158
8.1 Browsers
The web browser can be itself a hacking tool, as you saw in the attack execution
chapter lot of attacks can be done simply using the browser by tampering the
URL or entering malicious data in the input fields as in SQL injection or elevation
of privilege attack.
An example might be changing the value of (accountType) to (platinum in a
vulnerable page that does not recheck the hidden field information which will
allow the attacker to gain platinum account benefits.
A disadvantages actually exist in the usage of the browser related to the
emended neutralizing and sanitization capabilities added to the new versions of
browsers that might prevent many potential traditional attacks.
8.2 Browser’s Extensions
Another effective set of hacking tools are available as extensions for browsers
which make it transparent and easy to use. Another important cause that makes
the usage of extensions
Examples about those extensions are: