Cross-Site Scripting Lab Breakdown: Reflected XSS into HTML context with nothing encoded

preview_player
Показать описание


Additional References for Further Exploration:

------------------------------------------------------------------------------
In this series, we take a look at Web Security Academy's Cross-Site Scripting (XSS) labs and break them down. The goal is to break down the concepts to not only get to the solution, but talk about methodology and the mental steps we take in order to discover these vulnerabilities in the wild.

Timestamps:
0:00​ Intro
0:33 What is Cross-Site Scripting?
1:38 Important Question to Answer
2:25 Reflected XSS
3:00 Lab Start: Basic XSS Enumeration
4:28 Final Payload
5:28 Recap
5:57 Outro

------------------------------------------------------------------------------

Music:

“Friends”
Produced by Hyper Potions

“High Noon”
Produced by Bankrupt Beats

“Snickers”
Produced by Epidemic Sound / Damma Beatz

“Ikebaby”
Produced by Robotprins
  1. Seven Seas Security
  2. bug bounties
  3. hacking
  4. bug bounty
  5. penetration testing
  6. penetration test
Рекомендации по теме
Cross-Site Scripting Lab 0:06:39

Cross-Site Scripting Lab Breakdown: Reflected XSS into HTML context with nothing encoded

Cross-Site Scripting Lab 0:07:08

Cross-Site Scripting Lab Breakdown: Stored XSS into HTML context with nothing encoded

Cross-Site Scripting (XSS) 0:09:31

Cross-Site Scripting (XSS) Explained And Demonstrated By A Pro Hacker!

Reflected XSS in 0:24:51

Reflected XSS in a JavaScript URL with some characters blocked - Explaining the Payload

XSS - Lab 0:00:51

XSS - Lab #1 Reflected XSS into HTML context with nothing encoded

XSS - What 0:07:39

XSS - What is a 'Sink' in Cross Site Scripting?

Mastering Reflected XSS 0:08:40

Mastering Reflected XSS into HTML: Lab #01

Port Swigger-Reflected XSS 0:12:25

Port Swigger-Reflected XSS ( PRACTITIONER )

HACTIFY Lab Solutions 0:23:46

HACTIFY Lab Solutions || WEEK 3 || VTF INTERNSHIP || Cross Site Scripting || 2021

Reflected XSS in 0:01:41

Reflected XSS in canonical link tag

Reflected XSS with 0:01:38

Reflected XSS with event handlers and href attributes blocked [Solution Video] | Web Security

Lab: Exploiting HTTP 0:06:17

Lab: Exploiting HTTP request smuggling to deliver reflected XSS

Reflected XSS into 0:08:07

Reflected XSS into HTML context with most tags and attributes blocked

Reflected DOM XSS 0:00:42

Reflected DOM XSS

Introduction to Cross 0:33:05

Introduction to Cross Site Scripting (XSS) | Exploiting and mitigating XSS

Reflected XSS with 0:06:00

Reflected XSS with some SVG markup allowed

Reflected XSS into 0:00:48

Reflected XSS into HTML context with nothing encoded | 1

What is Cross 0:06:16

What is Cross Site Scripting? | XSS Reflected | RXSS | XSS Practical | XSS Explanation | XSS Types

Reflected XSS into 0:01:36

Reflected XSS into HTML context with nothing encoded | Portswigger

Lab Reflected XSS 0:01:19

Lab Reflected XSS in canonical link tag

Lab Reflected XSS 0:01:01

Lab Reflected XSS into HTML context with nothing encoded

Reflected XSS into 0:03:02

Reflected XSS into a JavaScript string with single quote and backslash escaped

XSS | Cross-Site 0:07:47

XSS | Cross-Site Scripting | XSS Interview Questions | Cyber Security Interview Questions

Reflected XSS into 0:01:18

Reflected XSS into attribute with angle brackets HTML-encoded

Комментарии
Автор

Great video Garr, good information here.

BCan
Автор

Instead of the vlaue (1) or (34) how can i inject a sentence in it? I need a sentence to pop up after copying the URL

jamallewis
Автор

Can u please make a video on http request smuggling

mereemail