Tutorialspoint

April Learning Carnival is here, Use code FEST10 for an extra 10% off

Case Studies of Award-Winning XSS Attacks: Part 2

person icon Dawid Czagan

4.6
Buy Now

Case Studies of Award-Winning XSS Attacks: Part 2

Learn How to Find Award-Winning XSSs in Modern Web Applications

updated on icon Updated on Apr, 2024

language icon Language - English

person icon Dawid Czagan

category icon IT & Software,Network & Security,Bug Bounty,Ethical Hacking,Penetration Testing,

Lectures -10

Duration -43 mins

4.6

price-loader

Add to Cart Buy Now

30-days Money-Back Guarantee

Training 5 or more people ?

Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.

Gift this course

Course Description

This course is the follow-up to one of my previous courses – "Case-Studies of Award-Winning XSS Attacks: Part 1". We will continue our XSS hunting journey and you will learn more about award-winning XSS attacks.

There are many people hunting for XSSs, but only a few of them are successful and earn a 4‑digit ($$$$) reward per single XSS. What makes them successful? They focus on non‑standard XSSs and this is exactly what I present in this course!

I’m one of the top hackers at HackerOne (among more than 100,000 registered hackers), and I really know how to make money out there. If you want to become a successful XSS hunter, then this course is just for you.

In Part 2 of Case-Studies of Award-Winning XSS Attacks, you will learn about the following non-standard XSS attacks:

1. XSS via XML
2. XSS via location.href
3. XSS via vbscript:
4. From XSS to Remote Code Execution

For every single bug there is a DEMO so that you can see how to find these bugs step-by-step in practice.

Do you want to become a successful XSS hunter? Let’s enroll to this course and continue our exciting journey.

If you are interested in more award-winning XSS attacks, then I also recommend you to see the course "Case-Studies of Award-Winning XSS Attacks: Part 1".

Who this course is for:

  • Penetration testers, ethical hackers, bug hunters, security engineers / consultants

Goals

What will you learn in this course:

  • Learn How Hackers Earn a 4-digit Reward ($$$$) per Single XSS

  • Discover How to Find These XSSs Step-by-step in Practice (DEMOS)

  • Become a Successful Bug Hunter

  • Learn From One of The Top Hackers at HackerOne

Prerequisites

What are the prerequisites for this course?

  • Basic understanding of XSS attacks

Case Studies of Award-Winning XSS Attacks: Part 2

Curriculum

Check out the detailed breakdown of what’s inside the course

Introduction
1 Lectures
  • play icon Introduction 04:53 04:53
XSS via XML
2 Lectures
Tutorialspoint
XSS via location.href
2 Lectures
Tutorialspoint
XSS via vbscript
2 Lectures
Tutorialspoint
From XSS to Remote Code Execution
2 Lectures
Tutorialspoint
Summary
1 Lectures
Tutorialspoint

Instructor Details

Dawid Czagan

Dawid Czagan

Top 10 Hacker at HackerOne | Author of "Bug Hunting Millionaire"

Dawid Czagan (@dawidczagan) is an internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Dawid Czagan has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter and other companies. Due to the severity of many bugs, he received numerous awards for his findings.

Dawid Czagan shares his security bug hunting experience in his hands-on trainings “Hacking Web Applications – Case Studies of Award-Winning Bugs in Google, Yahoo, Mozilla and More” and “Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation”. He delivered security training courses at key industry conferences such as Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), DeepSec (Vienna), NorthSec (Montreal), HITB GSEC (Singapore), BruCON (Ghent) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector (References are attached to Dawid Czagan's LinkedIn profile (https://www.linkedin.com/in/dawid-czagan-85ba3666/). They can also be found here: https://silesiasecuritylab.com/services/training/#opinions).

Dawid Czagan is a founder and CEO at Silesia Security Lab – a company which delivers specialized security testing and training services. He is also an author of online security courses (https://academy.silesiasecuritylab.com/). To find out about the latest in Dawid Czagan’s work, you are invited subscribe to his newsletter (https://silesiasecuritylab.com/newsletter) and follow him on Twitter (@dawidczagan) and LinkedIn (https://www.linkedin.com/in/dawid-czagan-85ba3666/).

Course Certificate

Use your certificate to make a career change or to advance in your current career.

sample Tutorialspoint certificate

Our students work
with the Best

adobe logo adp logo apple logo armani logo bosch logo capegemini logo cisco logo hdfc bank logo ibm logo intel logo mastercard logo netflix logo qualcomm logo samsung logo sony logo unilever logo walmart logo
adobe logo adp logo apple logo armani logo bosch logo capegemini logo cisco logo hdfcbank logo ibm logo intel logo mastercard logo netflix logo qualcomm logo samsung logo sony logo unilever logo walmart logo

Related Video Courses

View More

Annual Membership

Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses

Subscribe now
Annual Membership

Online Certifications

Master prominent technologies at full length and become a valued certified professional.

Explore Now
Online Certifications

Talk to us

1800-202-0515