What you'll learn

Find XSS(Cross Site Scripting) on real world applications

Learn the manual and automated ways to find xss with deeper analysis

Learn to make own payloads and impart great impact in different cases to applications

Learn to chain different vulnerabilities with cross site scripting and make good impacts

Learn all the attacks possible with cross site scripting

Find multiple ways to bypass the restrictions

Learning from real world targets and quality labs

Requirements

You should know basics of bug bounty like vulnerabilities related to OWASP TOP 10

You should know basics of Burpsuite,basic linux commands

If you know basics of programming ,HTML , css or basic development then it will be great

should know the installation of tools like burpsuite,linux tools like waybacks,gau,gf etc

Description

Cross Site Scripting is one of known and important vulnerability in Bug bounty , cross scripting as ability to hijack user cookies and session and can possibly perform account takeover but now a days due to increasing competition in bug bounty and more security in applications it is hard to find xss issues we now have to rely on manual things rather than automation tools,scripts to find a better issue,in this course i have covered lot of fresh content and things which will be definately new and interesting for you.other than account takeovers i have covered other interesting attacks with xss like keylogger attack,content manipulation attack, open redirection.Additionally i have covered the session where i am showing how you can chain xss with other vulnerabilities like file upload, IDOR etc.From this course you will be able to learn Finding cross site scripting in real world applicationLearning how to build own payloads for different types of attacks possible with cross site scriptingunderstanding account takeovers via xss with understanding cookies,session,localstorage and understanding conditions required for account takeoverLearning how to chain different vulnerabilities with xss with other vulnerabilities like file upload,IDOR(Indirect object reference),subdomain takoever,CVEsLearning how to exploit using other vulnerabilities like open redirection,keylogger and content manipulation attackLearning to bypass different restrictions of secure applicationall the things are demonstrated via real targets and different labs resourcesUpcoming videos for the course:postmessage xsssome more examples of chainingxss preventionsDisclaimer : All the things demonstrated in the course is for education purpose only don't use this malicious or bad way to harm any other organisation

Master_the_XSSCross_Site_Scripting_for_real_world_Apps.part1.rar - 995.0 MB

Master_the_XSSCross_Site_Scripting_for_real_world_Apps.part2.rar - 995.0 MB

Master_the_XSSCross_Site_Scripting_for_real_world_Apps.part3.rar - 995.0 MB

Master_the_XSSCross_Site_Scripting_for_real_world_Apps.part4.rar - 995.0 MB

Master_the_XSSCross_Site_Scripting_for_real_world_Apps.part5.rar - 570.2 MB