Загрузка...
Все видеоНовые видеоПопулярные видео

How We Won $250 from a HackerOne XSS Challenge | Walkthrough & Exploit (2020)

In this video, we walk you through one of the classic XSS challenges hosted by HackerOne years ago — a challenge that awarded us $250 upon successful exploitation. Our team of researchers dives deep into the vulnerability, explaining the thought process, payload crafting, and how we ultimately bypassed the challenge’s filters.

Whether you're new to XSS or an experienced bug bounty hunter, this breakdown offers valuable insights into practical exploitation techniques.

🔍 Challenge: HackerOne XSS Challenge
💰 Reward: $250
🛠️ Focus: XSS payload crafting, filter bypass, browser behavior

If you enjoy technical walkthroughs like this, don’t forget to like, comment, and subscribe for more real-world security content from our team!
Discovered and responsibly reported by the NullSecX research team.
This vulnerability is now patched.
📌 Follow us for more

xss
xss challenge
hackerone
bug bounty
cybersecurity
ethical hacking
xss vulnerability
cross site scripting
hackerone challenge
xss payload
bug bounty hunting
infosec
web security
web application security
capture the flag
ctf challenge
bug bounty program
javascript xss
bypass xss filter
security researcher
vulnerability hunting

Видео How We Won $250 from a HackerOne XSS Challenge | Walkthrough & Exploit (2020) канала NullSecX
xss xss challenge hackerone bug bounty cybersecurity ethical hacking xss vulnerability cross site scripting hackerone challenge xss payload bug bounty hunting infosec web security web application security capture the flag ctf challenge bug bounty program javascript xss bypass xss filter security researcher vulnerability hunting bug bounty poc xss hackerone
Комментарии отсутствуют
Информация о видео
13 июня 2025 г. 18:46:10
00:02:21
NullSecX
Теги
Правообладателям
Жалоба на материал Недопустимый материал Нарушение авторских прав
Комментарии
Поделиться
Другие видео канала

SSRF Routing Bypass in the Wild | PortSwigger Lab Walkthrough & ExploitSSRF Routing Bypass in the Wild | PortSwigger Lab Walkthrough & Exploit

Reflected XSS Found on Adidas Website – Exploit DemoReflected XSS Found on Adidas Website – Exploit Demo

Modern API Pentesting: SQL Injection WalkthroughModern API Pentesting: SQL Injection Walkthrough

SQL Injection on GoDaddy – Discovered by NullSecX Researchers (Now Patched)SQL Injection on GoDaddy – Discovered by NullSecX Researchers (Now Patched)

Critical RCE in WordPress Plugin (No Auth) – Social WarfareCritical RCE in WordPress Plugin (No Auth) – Social Warfare

How We Hijacked a User’s Token via a Simple IDORHow We Hijacked a User’s Token via a Simple IDOR

Hacking Google Translate: Stored XSS Discovered by Our ResearchersHacking Google Translate: Stored XSS Discovered by Our Researchers

How to Exploit an IDOR Vulnerability and gain PrivilegesHow to Exploit an IDOR Vulnerability and gain Privileges

Hacking 101: How SSTI Vulnerabilities Lead to Remote Code ExecutionHacking 101: How SSTI Vulnerabilities Lead to Remote Code Execution

How Hackers Bypass OTP: Full Account Takeover ExplainedHow Hackers Bypass OTP: Full Account Takeover Explained

Reflected XSS in Wix: Discovery and Responsible DisclosureReflected XSS in Wix: Discovery and Responsible Disclosure

HTML Injection Discovered on PayPal by Our Security Team | Full Disclosure WalkthroughHTML Injection Discovered on PayPal by Our Security Team | Full Disclosure Walkthrough

Account Takeover via Password Reset Poisoning | Full Exploit BreakdownAccount Takeover via Password Reset Poisoning | Full Exploit Breakdown

Apple Stored XSS Vulnerability — PoC, Exploit Breakdown & Disclosure | $5000 Apple Bug BountyApple Stored XSS Vulnerability — PoC, Exploit Breakdown & Disclosure | $5000 Apple Bug Bounty

0-Click Account Takeover Using Punycode Emails for Access0-Click Account Takeover Using Punycode Emails for Access

IDOR Vulnerability Discovered in Uber: Unauthorized Access Scenario Demonstrated by Our ResearchersIDOR Vulnerability Discovered in Uber: Unauthorized Access Scenario Demonstrated by Our Researchers

Discovered by Our Researchers: Stored XSS via Content-Type Bypass (Profile Upload)Discovered by Our Researchers: Stored XSS via Content-Type Bypass (Profile Upload)

Found a Reflected XSS on Ford's Website – Live Exploit & PoCFound a Reflected XSS on Ford's Website – Live Exploit & PoC

Race Condition Vulnerability Explained | Live Demo + Voice NarrationRace Condition Vulnerability Explained | Live Demo + Voice Narration

Solving an XXE Vulnerability Challenge | XML External Entity Explained [With Voiceover]Solving an XXE Vulnerability Challenge | XML External Entity Explained [With Voiceover]

Exploiting Facebook’s Report System — No Rate Limiting | $2500 Facebook Bug BountyExploiting Facebook’s Report System — No Rate Limiting | $2500 Facebook Bug Bounty

TopArticle.Ru
Статистика портала
Яндекс.Метрика
© 2008-2025 «Информационно-развлекательный портал города Верхняя Салда»
| Карта портала | Контакты | Сообщить об ошибке | Соглашения Пользовательское соглашение Соглашение о конфиденциальности Согласие на обработку персональных данных Информация для правообладателей Об использовании Cookies
salda.ws@mail.ru
Сейчас на сайте: 272 Статистика портала
Страницу в закладки Мои закладки
Все заметки Новая заметка Страницу в заметки

На информационно-развлекательном портале SALDA.WS применяются cookie-файлы. Нажимая кнопку Принять, вы подтверждаете свое согласие на их использование.

Об использовании CookiesПринять