Hacking JavaScript Desktop Applications: XSS and RCE Techniques with Abraham Aranguren
Join Abraham Aranguren to explore vulnerabilities in JavaScript desktop apps, including XSS and remote code execution (RCE). Register for free infosec webcasts, anti-casts, and summits at https://poweredbybhis.com. Discover effective infosec training at A
🔥 Related Trending Topics
LIVE TRENDSThis video may be related to current global trending topics. Click any trend to explore more videos about what's hot right now!
THIS VIDEO IS TRENDING!
This video is currently trending in Norway under the topic 'a laget'.
About this video
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com
🔗 Infosec Training That Doesn't Suck- Antisyphon Training
https://www.antisyphontraining.com
🛝Webcast Slides -
https://www.blackhillsinfosec.com/wp-content/uploads/2025/11/SLIDES_2025.11.05-Hacking-JavaScript-Desktop-apps-with-XSS-and-RCE-Anticast.pdf
This 1-hour Anti-Cast provides a hands-on introduction to attack vectors against JavaScript-based desktop apps, focusing on Electron.
We’ll explore real-world vulnerabilities, demonstrating how issues like XSS can lead to Remote Code Execution (RCE). Participants will access practice labs, attack demonstrations on Windows, macOS, and Linux, and learn how to audit and secure desktop apps.
Topics covered include:
- How to audit Electron apps for security flaws
- Understanding XSS in the context of desktop apps
- Turning XSS into RCE in JavaScript apps
- Attacking preload scripts
- RCE via IPC
Chat with your fellow attendees in the Antisyphon Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel
Video Information
Views
258
Total views since publication
Likes
24
User likes and reactions
Duration
01:46:37
Video length
Published
Nov 6, 2025
Release date
Quality
hd
Video definition