Your agentic AI partner in Burp Suite - Discover Burp AI now            Read more
Research Academy
My account Customers About Blog Careers Legal Contact Resellers
Back to all learning paths
PRACTITIONER

Clickjacking (UI redressing)

This learning path deals with clickjacking attacks. You'll learn the fundamentals of clickjacking, how to construct basic attacks, and implement server-side and client-side defense strategies.

Contents

Get started: What is clickjacking?

0 of 19

GET STARTED

What is clickjacking? 0 of 2

What is clickjacking? APPRENTICE Get started

What is clickjacking? - Continued APPRENTICE

How to construct a basic clickjacking attack 0 of 3

How to construct a basic clickjacking attack APPRENTICE

How to construct a basic clickjacking attack - Continued APPRENTICE

Lab: Basic clickjacking with CSRF token protection APPRENTICE

Clickbandit 0 of 1

Clickbandit APPRENTICE

Clickjacking with prefilled form input 0 of 2

Clickjacking with prefilled form input APPRENTICE

Lab: Clickjacking with form input data prefilled from a URL parameter APPRENTICE

Frame busting scripts 0 of 3

Frame busting scripts APPRENTICE

Frame busting scripts - Continued APPRENTICE

Lab: Clickjacking with a frame buster script APPRENTICE

Combining clickjacking with a DOM XSS attack 0 of 2

Combining clickjacking with a DOM XSS attack APPRENTICE

Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS PRACTITIONER

Multistep clickjacking 0 of 2

Multistep clickjacking APPRENTICE

Lab: Multistep clickjacking PRACTITIONER

How to prevent clickjacking attacks 0 of 1

How to prevent clickjacking attacks APPRENTICE

X-Frame-Options 0 of 1

X-Frame-Options APPRENTICE

Content Security Policy (CSP) 0 of 2

Content Security Policy (CSP) APPRENTICE

Content Security Policy (CSP) - Continued APPRENTICE