Master XSS(Cross Site Scripting) for real world Applications

Learn to Find,Build,Chain,Exploit Cross-Site scripting in real world applications for bug bounty

Ratings 4.51 / 5.00
Master XSS(Cross Site Scripting) for real world Applications

What You Will Learn!

  • Find XSS(Cross Site Scripting) on real world applications
  • Account takeovers via xss via different scenerios and custom payloads for them
  • Learn the manual and automated ways to find xss with deeper analysis
  • Learn to chain different vulnerabilities with cross site scripting(like file uploads and IDOR) and make good impacts
  • Learn all the attacks possible with cross site scripting(like keystrokes hijacking and web defacing )
  • Find multiple ways to bypass the restrictions
  • Privilege escalations from xss via chaining vulnerabilities
  • Out of band cross site scripting
  • Learning from real world targets and quality labs

Description

Cross-Site Scripting is one of the known and important vulnerabilities in Bug bounty, cross scripting has ability to hijack user cookies and sessions and can possibly perform account takeover but nowadays due to increasing competition in bug bounty and more security in applications it is hard to find XSS issues we now have to rely on manual things rather than automation tools, scripts to find a better issue, in this course, I have covered a lot of fresh content and things which will be definitely new and interesting for you.

other than account takeovers I have covered other interesting attacks with xss like keylogger attacks, content manipulation attacks, and open redirection.

Additionally, i have covered the session where i am showing how you can chain xss with other vulnerabilities like file upload, IDOR etc.


From this course, you will be able to learn

  • Finding cross-site scripting in the real-world application

  • Learning how to build your own payloads for different types of attacks possible with cross-site scripting

  • understanding account takeovers via xss with understanding cookies, session, local storage and understanding conditions required for account takeover

  • Learning how to chain different vulnerabilities with xss with other vulnerabilities like file upload, IDOR(Indirect object reference), subdomain takeover, CVEs

  • Learning how to exploit using other vulnerabilities like open redirection, keylogger and content manipulation attack

  • Learning to bypass different restrictions of secure application

all the things are demonstrated via real targets and different labs resources


Upcoming videos for the course:

  • post message xss

  • some more examples of chaining

  • xss preventions


Disclaimer: All the things demonstrated in the course is for educational purpose only don't use this malicious or bad way to harm any other organisation

Who Should Attend!

  • Beginners who are looking for more great resource for learning xss
  • Intermediates who want to enhance power of finding xss vulnerabilities in real world applications
  • Advance who are looking for more decent examples and scenerios
  • Anyone from development side want to learn the exploitation via cross site scripting
  • Bugbounty hunters
  • Pentesters
  • IT analysts
  • Risk analysts
  • Security Analysts
  • Developers
  • Security Engineers

TAKE THIS COURSE

Tags

Subscribers

161

Lectures

26

TAKE THIS COURSE