# Web Hacking Quickstart Reference ## HTML Basic build up of an HTML page: ```html <!DOCTYPE html> <html lang="en" dir="ltr"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0" > <!-- a comment: here could be lots of more meta tags --> <title>This is a simple placeholder page</title> <style> /* some style sheet declarations */ </style> <link rel="stylesheet" href="path/to/stylefile.css"> <script src="some/path/to/a/file.js"></script> </head> <body> <header> <h1>This is a simple placeholder page</h1> </header> <p> No content here really </p> <footer> <hr /> <small>&#127279; by nothingness &#127850;</small> </footer> <script src="https://tantemalkah.at/2022/hack-the-heck-out-of-this-website/hello.js"></script> </body> </html> ``` References: * [HTML: HyperText Markup Language](https://developer.mozilla.org/en-US/docs/Web/HTML) @ MDN Web Docs * [HTML Element Reference](https://www.w3schools.com/tags/default.asp) and [HTML Tutorial](https://www.w3schools.com/html/default.asp) @ W3Schools ## Javascript Here is a short language overview, in case you know other programming languages than Javascript. The following snippets are from jackies artful coding course (you can also check the slides of [session 2 starting in the JS intro section](https://tantemalkah.at/2021/artful-coding/slides/session2.html#/13)): A bit about variables and logging: ```javascript /* This is a comment about some placeholder variables. Actually, it does not say an awful lot now anyway. */ var myNumber = 23; let myAnswer = 42; const myState = "This will never change!"; // Now, let's produce some very important debug output console.log('Hey there, what\'s up? I have something for you:'); console.log('A number:', myNumber); console.log('THE answer:', myAnswer); console.log(myState); ``` Data types: ```javascript let myString = 'Francine'; let myLongerString = 'Francine is a lovely name!'; let myNumber = 5000; let myBoolen = true; let myOtherBoolen = false; let myArray = [42, 'is the answer', true, myLongerString, myBoolean]; let myObject = { name: 'Elvira', type: 'Bat', strength: 1000, mana: 777, alive: true }; myObject.type = 'Werebat'; ``` Selecting elements and changing its text: ```javascript const myHeading = document.querySelector('h1'); myHeading.textContent = 'Hello world!'; let playerName = 'Jane Doe (for now)'; const elPlayerName = document.getElementById('player-name'); elPlayerName.textContent = playerName; ``` Operators: ```javascript const answer = 23 + 19; let playerName = 'Francine'; let greeting = 'Welcome ' + playerName; let arbitraryNumber = (9 - 3) * 8 + 9 / 3 * (23 + 2) / 2; let isPlayerFrancine = playerName === 'Francine'; let truth = answer === 42; let isFalse = 23 === 42; let isTrue = 23 !== 42; let alsoFalse = 42 === '42'; ``` Conditionals: ```javascript let iceCream = 'chocolate'; let players = 5; if ( iceCream === 'chocolate' ) { alert('Yay, I love chocolate ice cream!'); } else { alert('Awwww, but chocolate is my favorite...'); } if ( players >= 4 ) { console.log('starting up the game engine'); } ``` Functions: ```javascript // a function we already used: alert ('Hiyaaaa!'); // another function we already used, which returns something useful: let element = document.getElementById('player-name'); // a new function we create right now: function multiply(num1,num2) { let result = num1 * num2; return result; } // using our new function multiply(4, 7); multiply(20, 20); multiply(0.5, 3); ``` Some more advanced concepts are introduced in [Session III: Advanced Javascript, ES6 and beyond, jquery](https://tantemalkah.at/2021/artful-coding/slides/session3.html) of the mentioned course. In terms of web hacking you probably won't need most of them. But take a look, and also check out the reference materials linked below if you want to dig deeper into what you can do with Javascript. References: * [JavaScript — Dynamic client-side scripting](https://developer.mozilla.org/en-US/docs/Learn/JavaScript) @ MDN Web Docs * [JavaScript Tutorial](https://www.w3schools.com/js/default.asp) @ W3Schools * [Artful Coding 1: web-based games development](https://tantemalkah.at/artful-coding/2021wt/) (WT2021 @ dieAngewandte) - includes session 2 and 3 with quick intros on HTML, CSS, and JS, including slides and video recordings ## The Browser Environment * Dev Tools * Inspector * ![](https://tantemalkah.at/2022/hack-the-heck-out-of-this-website/devtools01.png) * Console * ![](https://tantemalkah.at/2022/hack-the-heck-out-of-this-website/devtools02.png) * Network * ![](https://tantemalkah.at/2022/hack-the-heck-out-of-this-website/devtools03.png) * Storage * ![](https://tantemalkah.at/2022/hack-the-heck-out-of-this-website/devtools04.png) * Some useful commands: * `alert("hey there!")` * `document.body` * `document.getElementById("someId")` * `window.location` * `window.onload` * Clickable commands `onclick` in HTML tags: * `<p onclick="alert('are you sure you should have clicked that?')">` References: * [Firefox DevTools User Docs](https://firefox-source-docs.mozilla.org/devtools-user/index.html) * [Chrome DevTools](https://developer.chrome.com/docs/devtools/) * [Introduction to the DOM](https://developer.mozilla.org/en-US/docs/Web/API/Document_Object_Model/Introduction) @ MDN Web Docs
Last changed by  
jackie
#queer #feminist part-time #sysadmin, #developer and #trainer. into: #linux #python #itsec #participatorydesign #transdisciplinarity #education ... more at: https://tantemalkah.at
166

Read more

Feminist / Women / Gender Diversity in Tech Initiatives in Vienna

This is an open collection of organisations, meetups, (recurring) workshop, conferences, etc. on topics of feminism and technology, fostering gender diversity and the increased participation of women and non-binary folks in the production and facilitation of technology.

2/22/2024
Artful Coding 2 - Session Plans

Session overview 7 x 1.5 hours input and learning sessions: HTML Canvas: intro , 16 March 2022 HTML Canvas: animated and interactive , 23 March 2022 Jumping Block in Canvas , 30 March 2022 Live Server & Phaser init & Jumping Block in Phaser, 06 April 2022 Website Mini Game , 27 April 2022 Infinite Duality Jumper , 04 May 2022 [buffer] , 11 May 2022

3/29/2023
Setup-Guide: Hack the heck out of this website!

For this course we suggest one of the following two setups: everything within one pre-configured VirtualBox machine based on Kali Linux working on your own machine using the Burp Suite Community Edition and Firefox as well as a Docker container running the Damn Vulnerable Web Application For both setups we have a few notes here that might help you get started, including some tips to test whether everything works as expected. The first option might be the one for you if you want everything ready in a box and don't care about several GB of downloads, and when you are fine with working outside your native desktop environment on a Kali Linux desktop. The second option might be the one for you if you rather want to have everything on your own machine, so you can work in your native environment. Also if your machine is not that fast (less then 4 CPU cores or 4 GB RAM), you might want to choose the Docker container version.

8/25/2022
base dev sprint planning

current sprint : 19 date range : 23.5. - 1.6. Status after sprint ✔ ... done ⇢ ... in progress ⏸ … on hold ✗ ... not started

5/23/2022
Read more from jackie
Published on HackMD