> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Clickjacking

> Recursos cross-platform para Clickjacking: máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# Clickjacking

Esta página agrega los **recursos para practicar Clickjacking** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente      | Enlace                                                                                                 |
| ----------- | ------------------------------------------------------------------------------------------------------ |
| PortSwigger | [https://portswigger.net/web-security/clickjacking](https://portswigger.net/web-security/clickjacking) |

## Labs PortSwigger que practican Clickjacking (5)

| Lab                                                                                                                                  | Dificultad                                                 | Topic        | Oficial                                                                                            |
| ------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | ------------ | -------------------------------------------------------------------------------------------------- |
| [Basic clickjacking with CSRF token protection](/portswigger/labs/clickjacking/basic-csrf-protected)                                 | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Clickjacking | [Abrir](https://portswigger.net/web-security/clickjacking/lab-basic-csrf-protected)                |
| [Clickjacking with a frame buster script](/portswigger/labs/clickjacking/frame-buster-script)                                        | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Clickjacking | [Abrir](https://portswigger.net/web-security/clickjacking/lab-frame-buster-script)                 |
| [Clickjacking with form input data prefilled from a URL parameter](/portswigger/labs/clickjacking/prefilled-form-input)              | <span className="dbadge dbadge-easy">APPRENTICE</span>     | Clickjacking | [Abrir](https://portswigger.net/web-security/clickjacking/lab-prefilled-form-input)                |
| [Exploiting clickjacking vulnerability to trigger DOM-based XSS](/portswigger/labs/clickjacking/exploiting-to-trigger-dom-based-xss) | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Clickjacking | [Abrir](https://portswigger.net/web-security/clickjacking/lab-exploiting-to-trigger-dom-based-xss) |
| [Multistep clickjacking](/portswigger/labs/clickjacking/multistep)                                                                   | <span className="dbadge dbadge-medium">PRACTITIONER</span> | Clickjacking | [Abrir](https://portswigger.net/web-security/clickjacking/lab-multistep)                           |

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"Clickjacking","termCode":"clickjacking","inLanguage":"es","url":"https://rootea.es/skills/clickjacking","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

*Última actualización: 2026-05-08*
