Website Hacking Demos using Cross-Site Scripting (XSS) - it's just too easy!

It's just too easy to attack websites using Cross Site Scripting (XSS). The XSS Rat demonstrates XSS attacks. XSS Rat explains and demos cross-site scripting (xss) attacks.

// MENU //
00:00 ▶️ We are taking over the world!
00:16 ▶️ Introducing//XSS Rat//Wesley
01:28 ▶️ What is XSS/ Cross Site Scripting?
02:59 ▶️ Types of XSS
05:15 ▶️ Reflected XSS
06:22 ▶️ Example of data sanitization
07:35 ▶️ Circumventing filtering with the img tag
11:01 ▶️ Sending a Reflected XSS Attack to Someone
12:01 ▶️ Using HTML comments as an attack vector
13:49 ▶️ Using single quotes to break out of the input tag
15:14 ▶️ Don't use alert() to test for XSS
17:33 ▶️ What you can do with Reflected XSS
19:26 ▶️ Stored XSS
20:31 ▶️ Using comments for XSS
21:05 ▶️ Example #1 of Stored XSS on Twitter
21:42 ▶️ Example #2 of Stored XSS
22:12 ▶️ The answer to the ultimate question of life, the universe, and everything.
22:56 ▶️ Stored vs Reflected XSS
24:22 ▶️ AngularJS/Client Side Template Injection
25:06 ▶️ Don't use JavaScript?
26:09 ▶️ Where to learn more//XSS Survival Guide
27:04 ▶️ DOM Based XSS
29:36 ▶️ List of DOM sinks
30:12 ▶️ jQuery DOM sinks
32:15 ▶️ XSS Rat Live Training
33:00 ▶️ Support XSS Rat//Wesley
34:06 ▶️ Closing//Thanks, Wesley!

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

#xss #javascript #hacking
Comments

// XSS Rat SOCIAL //
YouTube: youtube.com/c/TheXSSrat

davidbombal

Wow David you're collaborating with awesome people ♥️♥️.. here you dropped this king 👑

faran_siddiqui-dt

He is ridiculously clear in his explanations. Beautiful.

charlesmarseille

As a developer this is pretty useful. Thanks for the great value David

aramv

Your videos are also so informative and entertaining! Thanks David!

bloudengaming

LOL David I just started following the XSS Rat not long ago! Either you're in my head, or I'm on the right track...'cause this just keeps happening! 🤣 Love that you're helping expose these gems of our community to the masses...great stuff man!

jpiercelt

Mamamia, how can a person talk with such a relaxed vibe yet be rich with dang seriously valuable insights!!

One of the best gem findings I've ever encountered in YT! Thanks, David and XSSRat! I could feel the ridiculously strong vibe to the point I am liking XSS hahaha ...

Just a bit sad that the labs are no longer shared...

ErikNainggolan

Best content creator in the field Cybersecurity by far, informative and entertaining!

youssefbouchara

David you’re just the best. Keep pouring these contents. I’m really having fun.

bertrandfossung

Amazing video, questions and demo very well done. I always find it amazing how you can look at one thing differently and you're in. *looking at the wall with security guard checking IDs. Wall is only 3 feet wide. Just walk around.

I’m excited to see how I will look at my own code differently.
Thanks again!

TheRich

Dang.... you know I've used templating frameworks for so long like handlebars, angular and most recently Vue. I never considered the possibility of script being injected through these templating engines but it makes perfect sense now that I've seen it.

jamesblock

Got scared I actually bought Wesley's Udemy course right away. David continue inviting good people to your channel. I have promised to watch your videos instead of the Ukraine war news. Gives me more knowledge.

parexcellence

I saw Wesley for the first time in an interview with nahamsec. I immediately subscribed to his channel and watched his amazing videos 👍 JavaScript is for me as a network guy a little bit complicated, but I learned the basics of reflect attack and found some vulnerabilities (I reported them). Thank you David and Wesley for this amazing video! ✌

skeptisch

this xssrat guy is a demon at bypassing wow just wow lol pls a video on javascript for hackers would be great

alfatech

This channel is on fire! Loving these videos David!

rajmaharjan

Awesome content as always! Wesley seems pro and really nice guy!

wojciechneugebauer

This gentleman is just on a different level in this field and he is mind-blowing

ChristianAglanu

Thank you buddy all things you do to the community if not for you people like me coming from poor backgrounds would have faced a lot of difficulty to break into cyber security

Bharath-wbuy

Tutorials on the net about this stuff are so confusing. Sometimes they appear to contradict one another. It's no wonder they have mistakes. Good video

DF-ssep

I’m so jealous of you David! You get to have conversations with a lot of cool people.

zaccampa