In this chapter, we will discuss various web application vulnerabilities and how hackers exploit them. We will also demonstrate powerful tools such as Autopwn and BeEF. These tools are used to exploit web applications. This chapter will build a solid understanding of the various vulnerabilities found within web browsers. There are labs prepared for this chapter too, demonstrating how tools such as Autopwn and BeEF function. We recommend using Kali Linux running in a virtual machine. You will also need a Windows 7 victims machine. The victims machine should also be running in a virtual machine. Once you have set up your sandbox environment, you can proceed to follow along with the labs we have prepared. We caution you not to use this knowledge for illegal activity. Autopwn and BeEF are extremely effective tools and should be used responsibly. The objectives of this chapter are to demonstrate where web vulnerabilities can be found, how they are exploited, what tools are used for exploitation, and how to defend against these types of attack.