Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Cross-Site Scripting (XSS)
Introduction
Course Introduction (1:53)
Course Slides and Scripts
Getting Help
Answering Your Questions (3:11)
Join the Discord Server
XSS - Technical Deep Dive
Agenda (0:52)
What is XSS (17:32)
How to Find & Exploit XSS Vulnerabilities (13:15)
How to Prevent XSS Vulnerabilities (5:20)
Additional Resources (2:49)
Lab Environment Setup
Lab Environment Setup (7:21)
Step-by-Step Guide
Hands-On XSS Labs
Lab #1 Reflected XSS into HTML context with nothing encoded (3:47)
Lab #2 Stored XSS into HTML context with nothing encoded (5:06)
Lab #3 DOM XSS in document.write sink using source location.search (7:46)
Lab #4 DOM XSS in innerHTML sink using source location.search (6:03)
Lab #5 DOM XSS in jQuery anchor href attribute sink using location.search source (7:09)
Lab #6 DOM XSS in jQuery selector sink using a hashchange event (10:14)
Lab #7 Reflected XSS into attribute with angle brackets HTML-encoded (5:05)
Lab #8 Stored XSS into anchor href attribute with double quotes HTML-encoded (5:50)
Lab #9 Reflected XSS into a JavaScript string with angle brackets HTML encoded (5:54)
Lab #10 DOM XSS in document.write sink using source location.search inside a select element (8:18)
Lab #11 DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded (4:30)
Lab #12 Reflected DOM XSS (7:46)
Lab #13 Stored DOM XSS (8:08)
Lab #14 Exploiting cross-site scripting to steal cookies (9:21)
Lab #15 Exploiting cross-site scripting to capture passwords (10:01)
Lab #16 Exploiting XSS to perform CSRF (12:08)
Lab #17 Reflected XSS into HTML context with most tags and attributes blocked (10:57)
Lab #18 Reflected XSS into HTML context with all tags blocked except custom ones (10:23)
Lab #19 Reflected XSS with some SVG markup allowed (6:34)
Lab #20 Reflected XSS in canonical link tag (7:26)
Lab #21 Reflected XSS into a JavaScript string with single quote and backslash escaped (4:32)
Lab #22 Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped (5:36)
Lab #23 Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped (7:40)
Lab #24 Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped (3:19)
Thank You!
Thank You!
Lab #14 Exploiting cross-site scripting to steal cookies
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock