⌒
⌒
This session explores how browser extensions can be used to simulate real-world attack scenarios inside modern enterprise environments. Participants will learn how extensions fit into the browser’s architecture, why their permissions provide powerful control over user sessions, and how attackers can leverage them for input interception, content manipulation, session abuse, and authorization tampering.
This session explores how browser extensions can be used to simulate real-world attack scenarios inside modern enterprise environments. Participants will learn how extensions fit into the browser’s architecture, why their permissions provide powerful control over user sessions, and how attackers can leverage them for input interception, content manipulation, session abuse, and authorization tampering. The training includes demonstrations of ten extension-based attack techniques and a practical walkthrough on designing and customizing extension modules for red team use. Attendees will leave with a clear understanding of how browser-level simulations reveal gaps in enterprise defenses and how to safely build their own tools for controlled offensive testing.
Date
February 21, 2026
Time
09:00 AM
Location
Goa, India
