Jump to content
YOUR-AD-HERE
HOSTING
TOOLS

Locked Master the XSS(Cross Site Scripting) for real world Apps

itsMe

By MASTERitsMe
in Video Tutorials

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

Description

Cross-Site Scripting is one of the known and important vulnerabilities in Bug bounty, cross scripting has ability to hijack user cookies and sessions and can possibly perform account takeover but nowadays due to increasing competition in bug bounty and more security in applications it is hard to find XSS issues we now have to rely on manual things rather than automation tools, scripts to find a better issue, in this course, I have covered a lot of fresh content and things which will be definitely new and interesting for you.

other than account takeovers I have covered other interesting attacks with xss like keylogger attacks, content manipulation attacks, and open redirection.

Additionally, i have covered the session where i am showing how you can chain xss with other vulnerabilities like file upload, IDOR etc.

From this course, you will be able to learn

    Finding cross-site scripting in the real-world application
    Learning how to build your own payloads for different types of attacks possible with cross-site scripting
    understanding account takeovers via xss with understanding cookies, session, local storage and understanding conditions required for account takeover
    Learning how to chain different vulnerabilities with xss with other vulnerabilities like file upload, IDOR(Indirect object reference), subdomain takeover, CVEs
    Learning how to exploit using other vulnerabilities like open redirection, keylogger and content manipulation attack
    Learning to bypass different restrictions of secure application

all the things are demonstrated via real targets and different labs resources

Upcoming videos for the course:

    post message xss
    some more examples of chaining
    xss preventions

Disclaimer: All the things demonstrated in the course is for educational purpose only don’t use this malicious or bad way to harm any other organisation

Who this course is for:

    Beginners who are looking for more great resource for learning xss
    Intermediates who want to enhance power of finding xss vulnerabilities in real world applications
    Advance who are looking for more decent examples and scenerios
    Anyone from development side want to learn the exploitation via cross site scripting
    Bugbounty hunters
    Pentesters
    IT analysts
    Risk analysts
    Security Analysts
    Developers
    Security Engineers

Requirements

    You should know basics of bug bounty like vulnerabilities related to OWASP TOP 10
    You should know basics of Burpsuite,basic linux commands
    If you know basics of programming ,HTML , css or basic development then it will be great
    should know the installation of tools like burpsuite,linux tools like waybacks,gau,gf etc

This is the hidden content, please

This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.