Stored, Blind, Reflected and DOM - Everything Cross-Site Scripting (XSS)
I'll be honest, XSS are not my favourite kinds of bugs to hunt for, even now, and I don't think they are great for beginners. BUT I have been outvoted by the community on this one, so here's how to find your first bug, XSS edition. I'm going to talk about each type of XSS and show you how I actually approach a target when I'm looking for XSS bugs. I will be the first to admit I've found 1 XSS in the wild and it was a DOM-based XSS!
This series couldn't happen without the support of our sponsor Bugcrowd. Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: https://bugcrowd.com/user/sign_up.
- Social Media -
Discord: https://insiderphd.dev/discord
Patreon: https://www.patreon.com/insiderphd
Twitter: https://twitter.com/insiderphd
Video: Stored, Blind, Reflected and DOM - Everything Cross-Site Scripting (XSS), from the InsiderPhD channel