#374: Website Hacking Demos using Cross-Site Scripting (XSS) - it's just too easy!
David Bombal, 2 May 2022


It's just too easy to attack websites using Cross-Site Scripting (XSS). In this episode Wesley, The XSS Rat, explains and demos cross-site scripting attacks.

// MENU //
00:00 ▶️ We are taking over the world!
00:16 ▶️ Introducing XSS Rat (Wesley)
01:28 ▶️ What is XSS / Cross-Site Scripting?
02:59 ▶️ Types of XSS
05:15 ▶️ Reflected XSS
06:22 ▶️ Example of data sanitization
07:35 ▶️ Circumventing filtering with the img tag
11:01 ▶️ Sending a Reflected XSS attack to someone
12:01 ▶️ Using HTML comments as an attack vector
13:49 ▶️ Using single quotes to break out of the input tag
15:14 ▶️ Don't use alert() to test for XSS
17:33 ▶️ What you can do with Reflected XSS
19:26 ▶️ Stored XSS
20:31 ▶️ Using comments for XSS
21:05 ▶️ Example #1 of Stored XSS on Twitter
21:42 ▶️ Example #2 of Stored XSS
22:12 ▶️ The answer to the ultimate question of life, the universe, and everything
22:56 ▶️ Stored vs Reflected XSS
24:22 ▶️ AngularJS / Client-Side Template Injection
25:06 ▶️ Don't use JavaScript?
26:09 ▶️ Where to learn more: XSS Survival Guide
27:04 ▶️ DOM-based XSS
29:36 ▶️ List of DOM sinks
30:12 ▶️ jQuery DOM sinks
32:15 ▶️ XSS Rat live training
33:00 ▶️ Support XSS Rat (Wesley)
34:06 ▶️ Closing: Thanks, Wesley!

// Demo Sites //
XSS Labs: https://hackxpert.com/labs/RXSS/GET/
Labs site: https://hackxpert.com/labs
Rat Site: https://hackxpert.com/ratsite

// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal

// XSS Rat SOCIAL //
Twitter: https://twitter.com/theXSSrat
YouTube: youtube.com/c/TheXSSrat
Website: https://thexssrat.podia.com/

// XSS Rat's Udemy course //
XSS Survival Guide: https://www.udemy.com/course/xss-surv...

// XSS Rat's courses and bootcamps //
https://thexssrat.podia.com/

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

#xss #javascript #hacking
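
The techniques the chapters above name, as an added example that is not code from the video, from The XSS Rat, or from the hackxpert labs: two deliberately weak filters, an `<img>` event handler that survives script-tag stripping, a single quote breaking out of an input attribute even when angle brackets are removed, the context-aware encoding that neutralizes both, and a static scan for the DOM sinks the later chapters list. The payloads, the two templates, the sink pattern list and the client-side snippet are all constructed here for illustration, and `findEventHandlers` is a stand-in for a browser's parser, not a replacement for it.

```javascript
// Added example, not code from the video, The XSS Rat, or the hackxpert labs.
// Run with: node xss_demo.js  (no browser needed; every input is constructed)

// Two filters of the kind reflected-XSS labs ship with. Both are meant to be
// insufficient; they are the "before" side of the comparison.
function naiveStripScript(input) {            // removes only <script> tags
  return input.replace(/<\/?script\b[^>]*>/gi, "");
}
function stripAngleBrackets(input) {          // removes < and > only
  return input.replace(/[<>]/g, "");
}

// Entity encoding that is safe in a text node and inside a quoted attribute.
function htmlEncode(input) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return String(input).replace(/[&<>"']/g, (c) => map[c]);
}

// Two reflection points a lab page typically has: a text node and a
// single-quoted attribute. The filter is a parameter so each template can be
// rendered with every filter above.
function renderTextNode(term, filter) {
  return `<p>You searched for: ${filter(term)}</p>`;
}
function renderAttribute(term, filter) {
  return `<input type='text' name='q' value='${filter(term)}'>`;
}

// Stand-in for the browser: a quote-aware scan of every start tag that reports
// <script> elements and on* attribute names (e.g. "img.onerror"). Browsers are
// far more forgiving than this, so an empty result is necessary, not sufficient.
function findEventHandlers(html) {
  const found = [];
  let i = 0;
  while ((i = html.indexOf("<", i)) !== -1) {
    i += 1;
    let tag = "";
    while (i < html.length && /[A-Za-z0-9]/.test(html[i])) tag += html[i++];
    if (!tag) continue;                       // "</", "<!", or a stray "<"
    tag = tag.toLowerCase();
    if (tag === "script") found.push("script");
    let quote = null, inValue = false, name = "";
    const flush = () => {
      if (/^on[a-z]+$/.test(name)) found.push(`${tag}.${name}`);
      name = "";
    };
    for (; i < html.length; i++) {
      const c = html[i];
      if (quote) { if (c === quote) quote = null; continue; }  // inside a quoted value
      if (inValue) {                                          // just after "=" or in an unquoted value
        if (c === '"' || c === "'") quote = c;
        else if (c === ">") break;
        else if (/\s/.test(c)) inValue = false;
        continue;
      }
      if (c === "=") { flush(); inValue = true; }
      else if (c === ">") { flush(); break; }
      else if (/[\s\/]/.test(c)) flush();
      else name += c.toLowerCase();
    }
  }
  return found;
}

// Static scan for the DOM sinks the later chapters list. The pattern list is
// constructed and not exhaustive; a hit means "review this line", not "exploitable".
const DOM_SINKS = [
  { name: "innerHTML/outerHTML",    re: /\.(innerHTML|outerHTML)\s*=/ },
  { name: "insertAdjacentHTML",     re: /\.insertAdjacentHTML\s*\(/ },
  { name: "document.write",         re: /document\.write(ln)?\s*\(/ },
  { name: "eval",                   re: /\beval\s*\(/ },
  { name: "jQuery .html()",         re: /\)\.html\s*\(/ },
  // $(source) created elements from HTML in older jQuery versions
  { name: "jQuery selector source", re: /\$\(\s*(location|document\.(URL|referrer)|window\.name)/ },
];
function findDomSinks(source) {
  const hits = [];
  source.split("\n").forEach((line, idx) => {
    for (const { name, re } of DOM_SINKS) {
      if (re.test(line)) hits.push({ line: idx + 1, sink: name });
    }
  });
  return hits;
}

// Constructed inputs. console.log rather than alert, per the chapter on testing.
const IMG_PAYLOAD = "<img src=x onerror=console.log(1)>";
const QUOTE_PAYLOAD = "' autofocus onfocus=console.log(1) x='";
const CLIENT_SNIPPET = [
  'const q = new URLSearchParams(location.search).get("q");',
  'document.getElementById("out").innerHTML = "Results for " + q;',  // sink
  '$("#hint").html(q);',                                             // sink
  '$(location.hash);',                                               // sink in old jQuery
  'document.getElementById("out").textContent = q;',                 // not a sink
].join("\n");

console.log(findEventHandlers(renderTextNode(IMG_PAYLOAD, naiveStripScript)));      // -> [ 'img.onerror' ]
console.log(findEventHandlers(renderAttribute(QUOTE_PAYLOAD, stripAngleBrackets))); // -> [ 'input.onfocus' ]
console.log(findEventHandlers(renderTextNode(IMG_PAYLOAD, htmlEncode)));            // -> []
console.log(findEventHandlers(renderAttribute(QUOTE_PAYLOAD, htmlEncode)));         // -> []
console.log(findDomSinks(CLIENT_SNIPPET).map((h) => h.line));                       // -> [ 2, 3, 4 ]
```

The first two renderings show why the filters in the chapter list fail: stripping `<script>` leaves the `<img onerror>` handler intact, and stripping angle brackets does nothing against a payload that never needs them because the single quote closes the `value` attribute early. Encoding the quote and the brackets for the context they land in keeps both payloads inert. The sink scan is the check to run over client-side code before testing for DOM-based XSS; `textContent` is listed in the snippet to show a safe assignment the scan correctly ignores.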

This episode is taken from an open RSS feed and is not published by Podme. It may therefore contain advertisements.

Episodes (500)

#578: How Cisco Is Using AI to Fix Networks


Cisco is bringing AI agents into network operations with Cisco Cloud Control, AI Canvas, and Agentic Ops. In this demo, David Bombal is joined by DJ Sampath (SVP and General Manager, AI Software and P...

5 Jun 22min

#577: My Dream "home lab"


Join me for an exclusive, behind-the-scenes tour of Cisco's purpose-built $20 million AI data center lab in San Jose. AI is revolutionizing the tech industry, but running massive 10,000 GPU clusters c...

22 May 28min

#576: How to track dark ships using OSINT (with demos)


Big thank you to DeleteMe for sponsoring this video. Use my link https://joindeleteme.com/Bombal to receive a 20% discount or use the QR Code in the video. In this OSINT deep dive, professional OSINT...

23 Apr 49min

#575: AI attackers are winning. Here is the SECRET to survive.


Are AI attackers winning the cybersecurity war? In this video, I sit down with Daniel Miessler, a 25-year security veteran, to discuss the terrifying reality of AI-driven cyber attacks and the massive...

14 Apr 1h

#574: Hacking Windows Active Directory in 10 minutes


Thank you ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/david...

14 Apr 25min

#573: WhatsApp Hackers for Hire on the Dark Web (Surprisingly cheap)


Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/d...

7 Apr 27min

#572: How Cisco Protects AI Agents in Modern Data Centers


Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam 2026. Join David as he sits down with Cisco's Dave West (SVP, Global Specialists), to unpack the technical...

31 Mar 14min

#571: Google Big Sleep: The End of Human Hackers?


Big thank you to DeleteMe for sponsoring this video. Use my link http://jointdeleteme.com/Bombal to receive a 20% discount or use the QR code in the video. Welcome back to the channel! In this deep ...

31 Mar 1h 8min
