What is Clickjacking

Clickjacking is a web-based vulnerability that allows a hacker to embed a webpage from a domain inside the hacker's fake webpage. The fake webpage can then work like the legitimate one, and it becomes very difficult to identify it as fake. It is also known as UI Redressing. It can be achieved by using an iframe.

Things to Know:

X-Frame-Options: An HTTP security header that controls iframes. It specifies whether a browser is allowed to render a page in an iframe.

Content Security Policy (CSP): A security standard that allows the developer to add additional security to the website. It helps the developer restrict the loading of web resources such as HTML, CSS and JS into another webpage.

iframe: An HTML element that loads another HTML document inside a web page.

HTML template with an iframe to exploit clickjacking:

<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>I Frame</title>
<style...
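To check whether a page is protected by the two headers described above, the following added example (not part of the original post) reads a set of response headers and reports who is allowed to frame the page. The function name framingPolicy, its return labels and the sample headers are assumptions made for illustration, and a single CSP policy per header is assumed.

```javascript
// Added example: decide who may frame a page, based on its response headers.
// framingPolicy and its return labels are hypothetical names for illustration.
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  // A CSP frame-ancestors directive, when present, replaces X-Frame-Options.
  // Assumption: the header carries one policy (no comma-joined policies).
  for (const directive of (h['content-security-policy'] || '').split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() !== 'frame-ancestors') continue;
    const src = sources.map(s => s.toLowerCase());
    if (src.length === 0 || (src.length === 1 && src[0] === "'none'"))
      return { framableBy: 'nobody', source: 'csp' };
    if (src.some(s => ['*', 'http:', 'https:'].includes(s)))
      return { framableBy: 'anyone', source: 'csp' };
    if (src.every(s => s === "'self'"))
      return { framableBy: 'same-origin', source: 'csp' };
    return { framableBy: 'listed-origins', source: 'csp' };
  }

  const raw = h['x-frame-options'];
  if (raw !== undefined) {
    const values = new Set(raw.split(',').map(v => v.trim().toLowerCase()));
    const known = ['deny', 'sameorigin', 'allowall'];
    // Several different values that include a known one: framing is refused.
    if (values.size > 1 && known.some(k => values.has(k)))
      return { framableBy: 'nobody', source: 'x-frame-options' };
    if (values.has('deny'))
      return { framableBy: 'nobody', source: 'x-frame-options' };
    if (values.has('sameorigin'))
      return { framableBy: 'same-origin', source: 'x-frame-options' };
    // ALLOW-FROM and unrecognised values are ignored by current browsers.
    return { framableBy: 'anyone', source: 'x-frame-options-ignored' };
  }
  return { framableBy: 'anyone', source: 'none' };
}

// Constructed sample responses (not captured from any real site).
const samples = [
  { 'X-Frame-Options': 'SAMEORIGIN' },
  { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
  { 'X-Frame-Options': 'ALLOW-FROM https://partner.example' },
  { 'Content-Type': 'text/html' },
];
for (const s of samples) console.log(JSON.stringify(s), '->', framingPolicy(s));
```

A result of "anyone" means the page can be loaded inside an iframe on any other site, which is the condition clickjacking depends on.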