All You Need to Know About Cross-Site Scripting (XSS)

Science and Technology

Let's learn about the essentials of XSS vulnerabilities and how to hunt for them. Like, subscribe, and turn on notifications for more bug bounty insights. Comment below with your thoughts and experiences.
Happy Hacking!
X: / bughunterlabs
Chapters:
00:00 - Intro: Samy Worm
01:07 - XSS: Definition
02:11 - Reflected XSS
03:19 - Stored XSS
04:17 - DOM-based XSS
06:08 - Mutated XSS
07:13 - Blind XSS
08:15 - XSS Hunting Methodology
09:30 - Outro

Comments: 23

  • @bughunterlabs
    a month ago

    Thanks for watching! What were your XSS findings?

  • @amoh96
    21 days ago

    I found 9 XSS in VDPs last month. I switched to paid programs, it's so hard brother :( Now I'm learning about IDORs & logic bugs

  • @goohaver
    26 days ago

    oh shit, we're all here for the start of something beautiful boys. only 624 subscribers? everyone knows that's going to change.

  • @bughunterlabs
    26 days ago

    Let's gooo! Thank you :)

  • @goohaver
    26 days ago

    @bughunterlabs Yeeeeeeaaaaah dog, let’s gooooooooo!!

  • @umniways
    9 days ago

    Keep up the good work, buddy. To the point, short and quick

  • @Cremilson1
    25 days ago

    Hello! I've decided to change to Cybersecurity because of this and now I'm learning a lot on how to bug hunt, thanks to you!

  • @bughunterlabs
    25 days ago

    Great to hear! All the best for your new journey!

  • @user-hv7qf4mc1r
    27 days ago

    Nice explanation and teaching 👍

  • @bughunterlabs
    26 days ago

    Thanks a lot!

  • @RustysAdventures
    20 days ago

    Nice content man. Explained beautifully

  • @domelessanne6357
    16 days ago

    thank you for informative content :

  • @Flipper201
    15 days ago

    624 subs 10 days ago, 2.7k as of this comment. The ELI5 of bug bounty lets gooooo!

  • @bughunterlabs
    10 days ago

    It is a wild ride indeed! Thank you for the support!

  • @The_reaperBH
    21 days ago

    Your explain is busted!!!!🔥🔥🔥🔥hope you make more videos about bug bounty tips and some recon techniques 🔥

  • @bughunterlabs
    21 days ago

    Thank you. More is on the way! 🥳

  • @mtthsgrr
    14 days ago

    great video btw, your work is fantastic

  • @bughunterlabs
    10 days ago

    Thank you so much :)

  • @mtthsgrr
    14 days ago

    I just don't get one thing: emails in sign-in forms always allow a user to input underline, wouldn't that be a vulnerability? How does one know if the payload works? I don't get it.

  • @bughunterlabs
    10 days ago

    Hi. Thanks for your comment. The underline is by itself not a malicious character. In general, popping an alert is usually one way to show that a site is vulnerable to XSS. But you can also probe for XSS by injecting HTML elements like canary123 and then check for underlined text. If you find something like this you can go on to try to pop an alert or execute other JavaScript. In the end, it is all about showing (or indicating) impact.

  • @TheRealVegapunk
    19 days ago

    Hey bro, where do you study this from? Any resources shared would be appreciated.

  • @bughunterlabs
    19 days ago

    Hi. Check out the cheat sheet. There is a resource section at the bottom :)

  • @user-zn9oj4vf5q
    12 days ago

    alert("Im hacked utube")
