BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Antisyphon Training - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Antisyphon Training
X-ORIGINAL-URL:https://www.antisyphontraining.com
X-WR-CALDESC:Events for Antisyphon Training
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20240310T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20241103T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20250309T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20251102T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20261101T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20251105T120000
DTEND;TZID=America/New_York:20251105T130000
DTSTAMP:20260426T093141
CREATED:20251022T142712Z
LAST-MODIFIED:20251022T142718Z
UID:10000831-1762344000-1762347600@www.antisyphontraining.com
SUMMARY:Anti-Cast: Hacking JavaScript Desktop Apps with XSS and RCE with Abraham Aranguren
DESCRIPTION:If you are the kind of person who enjoys workshops with practical information that you can immediately apply when you go back to work\, this session is for you — all action\, no fluff. \n\n\n\nThis 1-hour Anti-Cast is a fast-paced\, hands-on introduction to modern attack vectors against JavaScript-based desktop apps\, primarily focusing on Electron. \n\n\n\nWe will explore real-world vulnerable applications and demonstrate how common web vulnerabilities like XSS can escalate into full Remote Code Execution (RCE) on the desktop. You will get a sneak peek into our full training content with access to practice labs\, demonstrations of attacks on Windows\, macOS\, and Linux\, and insights into how to properly audit and secure desktop apps. \n\n\n\nTopics covered include: \n\n\n\n– How to audit Electron apps for security flaws \n\n\n\n– Understanding XSS in the context of desktop apps \n\n\n\n– Turning XSS into RCE in JavaScript apps \n\n\n\n– Attacking preload scripts \n\n\n\n– RCE via IPC \n\n\n\n\nRegister Here\n\n\n\n\nJoin us for PreShow Banter™ at 11:30 AM ETChat with your fellow attendees in the BHIS Discord server:https://discord.gg/bhis in the #🔴live-chat channel \n\n\n\nStay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com \n\n\n\nDon’t forget to check out our Course Catalog for our upcoming free and affordable cybersecurity training!
URL:https://www.antisyphontraining.com/event/anti-cast-hacking-javascript-desktop-apps-with-xss-and-rce-with-abraham-aranguren/
CATEGORIES:Anti-Cast
ATTACH;FMTTYPE=image/webp:https://www.antisyphontraining.com/wp-content/uploads/2025/10/Hacking-JavaScript-Desktop-Apps-with-XSS-and-RCE-with-Abraham-Aranguren.webp
END:VEVENT
END:VCALENDAR