
Clickjacking using simple HTML script
Welcome back fellow cybersecurity enthusiasts! It’s me Rocky! Today, I want to share with you an important topic: how I discovered a clickjacking bug using simple HTML script. During my recon phase, I
Welcome back fellow cybersecurity enthusiasts! It’s me Rocky! Today, I want to share with you an important topic: how I discovered a clickjacking bug using simple HTML script. During my recon phase, I initially conducted various tests such as Open redirect, XSS and BAC but unfortunately, I couldn’t find anything interesting.
However, while reviewing the headers, I noticed that the X-Frame-Options header was missing. This missing header made the website vulnerable to clickjacking, also known as UI Redressing. Clickjacking is a dangerous technique used to deceive users into clicking on something other than what they think they’re clicking on. This can potentially lead to the disclosure of private information or allow attackers to take control of their computers, all while interacting with seemingly harmless objects like websites.
For the purpose of POC, I used this simple script:
<html>
<head>
<title>Clickjack test page</title>
</head>
<body>
<iframe src="https://example.com" width="500" height="500"></iframe> <!-- Change the src attribute to the target URL -->
</body>
</html>
To mitigate clickjacking attacks, it is crucial to enable the X-Frame-Options header and implement Content Security Policy (CSP) headers. These measures help protect against UI Redressing attacks.
If you’re interested in learning more about cybersecurity, Stay tuned for upcoming articles where we’ll explore various cybersecurity topics. Thank you for joining me today!
Related Articles
BruteForce Password on Web Login with Python
Introduction Welcome, in this article I am going to show you how I programmed my Python script to make brute force attac
Best Beginner JavaScript Projects for Hacking (2026 Guide)
If you want to break into web security, building the best beginner JavaScript projects for hacking is the most effective
What Is a Security Operations Center (SOC)?
SOC roles, tools, and workflows — how Tier 1–3 analysts detect, triage, and escalate incidents using SIEM and playbooks.
Setting up your bug bounty scripts with Python and Bash
Bug bounty programs have become increasingly popular in recent years, with companies offering rewards to hackers and sec
How to Create Malware in Python Practically
Malware, or malicious software, is a type of software that is designed to harm or exploit computer systems without the u
Chronological list of Resources to Learn Ethical Hacking from Complete Beginner to Advanced Level
Are you looking to become an ethical hacker or just want to learn more about ethical hacking? Ethical hacking, also know
COMMENTS (0)
Sign in to post intel on this briefing.