Cross-site Scripting | OWASP Top 10 | Day 7

CyberWorldSec

xss attack xss attack demo xss attack example xss attack in hindi xss attack live xss attack tutorial in hindi xss attack video xss bug bounty xss challenge xss ctf xss tutorial xss vulnerability

description

XSS Explained Cross-site scripting, also known as XSS is a security vulnerability typically found in web applications. It’s a type of injection which can allow an attacker to execute malicious scripts and have it execute on a victim’s machine.

A web application is vulnerable to XSS if it uses unsanitized user input. XSS is possible in Javascript, VBScript, Flash and CSS. There are three main types of cross-site scripting:

Stored XSS - the most dangerous type of XSS. This is where a malicious string originates from the website’s database. This often happens when a website allows user input that is not sanitised (remove the "bad parts" of a users input) when inserted into the database.
Reflected XSS - the malicious payload is part of the victims request to the website. The website includes this payload in response back to the user. To summarise, an attacker needs to trick a victim into clicking a URL to execute their malicious payload.
DOM-Based XSS - DOM stands for Document Object Model and is a programming interface for HTML and XML documents. It represents the page so that programs can change the document structure, style and content. A web page is a document and this document can be either displayed in the browser window or as the HTML source.

For more XSS explanations and exercises, check out the XSS room.

room link -https://tryhackme.com/room/owasptop10

In this video, CyberWorldSec shows you how to solve tryhackme owasptop10 CTF

Capture The Flags, or CTFs, are a kind of computer security competition. Teams of competitors (or just individuals) are pitted against each other in a test of computer security skill.

🆘🆘NEED HELP?? Join the Discord Server: https://discord.gg/W5vJaaBw

FOLLOW ME EVERYWHERE

Instagram : https://www.instagram.com/bug_bunty Telegram group : https://t.me/ethical_hacker_learn Discord: https://discord.gg/W5vJaaBw Twitter: https://twitter.com/cyberworlds3c

Disclaimer :

These materials are for educational and research purposes only.

These videos teach you cyber secuirty and all the practicals are conducted on a safe to test labs provided by tryhackme .

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers, encorporating guides and challenges to cater for different learning styles. To know more go to https://tryhackme.com/about

SUBSCRIBE for more videos! Thanks for watching! Cheers!

XSS Payloads

Remember, cross-site scripting is a vulnerability that can be exploited to execute malicious Ja ... https://www.youtube.com/watch?v=Ws3KvYXv2rQ

created

2021-06-29

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

30780967 Bytes