1
00:00:01,400 --> 00:00:02,510
JavaScript.

2
00:00:03,500 --> 00:00:10,910
I'm sure you must have heard by now the terms interpreted and compiled within the context of programming.

3
00:00:11,870 --> 00:00:17,540
And I can say that JavaScript is a lightweight interpreted programming language, and you'll know exactly

4
00:00:17,540 --> 00:00:18,560
what I'm talking about, right.

5
00:00:19,930 --> 00:00:25,730
But basically, you know, it it brings action to the content of an HTML document.

6
00:00:26,540 --> 00:00:35,090
So it means it helps to create dynamic pages so that you can, you know, make make these pages interactive.

7
00:00:35,090 --> 00:00:36,260
Basically with the users.

8
00:00:37,040 --> 00:00:45,080
It is capable of storing values inside variables, doing string mathematical and graphical operations.

9
00:00:45,710 --> 00:00:49,790
It can also, detective, any event happens on the page.

10
00:00:50,360 --> 00:00:52,190
And of course, you can do so much more.

11
00:00:54,350 --> 00:00:58,490
So we talked a little bit about it earlier in the Web browser section.

12
00:00:59,550 --> 00:01:07,290
After the dismal access have been assembled and put together into a Web page, JavaScript is executed

13
00:01:07,290 --> 00:01:13,470
by the browsers JavaScript engine, and then this ensures that the structure and style of the page are

14
00:01:13,470 --> 00:01:17,400
already in place by the time that the JavaScript starts to run.

15
00:01:18,370 --> 00:01:26,230
That's why it's common to use JavaScript to dynamically modify HTML access in a document via the document

16
00:01:26,500 --> 00:01:29,080
Object Model API.

17
00:01:30,040 --> 00:01:34,330
So this speech is also very handy for Web pen testers to run payloads.

18
00:01:34,600 --> 00:01:36,220
That's why we're talking about it.

19
00:01:37,150 --> 00:01:44,860
So we're going to be using JavaScript, well, way too much, but we're going to be using JavaScript

20
00:01:44,860 --> 00:01:47,820
a lot to manipulate the behavior of the victim's browser.

21
00:01:48,460 --> 00:01:56,320
So besides having a general programming languages feature, JavaScript can raise its capability with

22
00:01:56,320 --> 00:01:57,700
the use of APIs.

23
00:01:58,650 --> 00:02:07,050
Eyebrows are APIs are built into a Web browser and are usually capable of exposing data from the surrounding

24
00:02:07,050 --> 00:02:11,510
computer environment where to do even more useful, complex things.

25
00:02:12,000 --> 00:02:13,160
But think of it this way.

26
00:02:13,830 --> 00:02:17,510
You can even get data from the victim's computer environment.

27
00:02:18,060 --> 00:02:23,100
So I will now explain to you how JavaScript can be used within a Web page.

28
00:02:23,610 --> 00:02:28,260
So like access, there are three ways to add JavaScript into a document.

29
00:02:29,160 --> 00:02:34,710
An external JavaScript file can be linked to the document, as I'll do here in the sample page.

30
00:02:35,760 --> 00:02:39,900
This file can be stored either on the local server or a remote server.

31
00:02:40,770 --> 00:02:47,460
Now, this example, Maned James is on the same server and it contains this tiny code.

32
00:02:50,020 --> 00:02:56,800
And now the second way is by using a JavaScript internally, like a mark here.

33
00:02:58,480 --> 00:03:02,920
Now, we're not completely the same, but it's on a page that is affected.

34
00:03:05,500 --> 00:03:10,250
And the third one is using inline JavaScript code.

35
00:03:11,020 --> 00:03:14,340
Now, sometimes you may hear of the server side JavaScript.

36
00:03:15,010 --> 00:03:19,450
Yeah, there is a concept out there like that, for example, no JASE'S.

37
00:03:19,630 --> 00:03:26,380
That's an environment that works this way, but it's not in the context or scope of this course.