XSS Rat shows us how he hacks websites in 5 minutes and gets customers. He approaches companies and gives them 1 hour of free consultancy. But he is often able to hack their website in 5 minutes and gain a new client :) He then shows them how they can better secure their websites against actual attacks.
XSS Rat's new course: https://davidbombal.wiki/xssratpentest
// MENU //
00:00 - Coming up // Hacking websites in 5 minutes!
00:48 - Intro & Disclaimer
00:59 - How to hack websites with XSS
02:17 - Hacking websites demo
03:10 - CAPTCHA vulnerability
04:49 - CSRF token vulnerability
17:19 - Changing emails
20:36 - Client Side Template Injection
24:30 - Mass Assignment vulnerability
28:23 - Open Redirect vulnerability
31:54 - Stealing session tokens
34:44 - JWT vulnerability
38:37 - WordPress // Don't use plugins!
39:10 - Even experts can make mistakes
40:38 - Recommended security scanners
41:05 - Account takeover vulnerabilities
45:37 - Fight the cheese monster! // hackerats.com
52:00 - Thanks XSS Rat! // Free labs on hackxpert.com
52:52 - What to expect in the next video
53:26 - Conclusion
// Previous video //
XSS hacking: https://youtu.be/PzRQhpbYbeg
// Demo Sites //
This video: https://hackxpert.com/00032422342/ratsite/
Others mentioned:
- https://hackxpert.com/labs
- https://hackxpert.com/ratsite
// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal
// XSS Rat SOCIAL //
Twitter: https://twitter.com/theXSSrat
YouTube: youtube.com/c/TheXSSrat
Website: https://thexssrat.podia.com/
// XSS Rat's Udemy course //
New Pentest course: https://davidbombal.wiki/xssratpentest
XSS Survival Guide: https://www.udemy.com/course/xss-survival-guide/
// XSS Rat's courses and bootcamps //
https://thexssrat.podia.com/
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended.
Thank you for supporting me and this channel!
#xss #javascript #hacking