Stored, Blind, Reflected and DOM - Everything Cross--Site Scripting (XSS)
I'll be honest, XSS are not my favourite kinds of bugs to hunt for, even now and I don't think they are great for beginners. BUT I have been outvoted by the community on this one so here's how to find your first bug, XSS edition. I'm going to talk about each type of XSS and show you how I actually approach a target when I'm looking for XSS bugs. I will be the first to admit I've found 1 XSS in the wild and it was a DOM based XSS!
This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: https://bugcrowd.com/user/sign_up.
- Social Media -
Discord: https://insiderphd.dev/discord
Patreon: https://www.patreon.com/insiderphd
Twitter: https://twitter.com/insiderphd
Видео Stored, Blind, Reflected and DOM - Everything Cross--Site Scripting (XSS) канала InsiderPhD
This series couldn't happen without the support of our sponsor Bugcrowd, Bugcrowd is the best place to start hacking with a wide range of public and private programs from APIs to Desktop Applications and everything in between. Not ready to jump into a public program yet? Fill out your platform CV and sign up for a waitlisted program. Tell Bugcrowd a bit about your skills, previous certifications or experience and they’ll match you up with the right program using their industry-leading CrowdMatch technology. Whatever your level, there’s a place for you in the crowd. You can sign up with my link here: https://bugcrowd.com/user/sign_up.
- Social Media -
Discord: https://insiderphd.dev/discord
Patreon: https://www.patreon.com/insiderphd
Twitter: https://twitter.com/insiderphd
Видео Stored, Blind, Reflected and DOM - Everything Cross--Site Scripting (XSS) канала InsiderPhD
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
What Can an Attacker Actually Do With a Bug Anyway?
Katie Explains: Modern Web Development (GIVEAWAY)
5 Bug Bounty Time Investments
Broken Object Level Authorisation / BOLA / IDORs explained #shorts #api #hacking
DEFCON Safemode - What I Watched at DEFCON
Note-Taking for Bug Bounty Hunters - How I Use Notion and How You Can Too
E-commerce Flaws and $500-1000 Bounties
The truth about API hacking...
Finding Your First API Bug (NahamCon 2023)
How to Stop Learning and Start Hacking!
Getting Organised: Making a //TODO list
My Methodology
Finding Your First Bug: Business Logic Errors
New OWASP API Top 10 for Hackers
Getting Organised: Finding More Time in the Day
Low Competition Bug Hunting (What to Learn) - ft. #AndroidHackingMonth
"How to Get Started with Bug Bounty" - Resource Lists & Advice
Easy IDOR hunting with Autorize? (GIVEAWAY)
Why does DNS always break the internet?
Hacking when all the bugs have been found?
How to Use Bug Bounty to Help Your Career!