Website Hacking Demos using Cross-Site Scripting (XSS) - it's just too easy!

David Bombal · Beginner ·🔐 Cybersecurity ·3y ago
It's just too easy to attack websites using Cross Site Scripting (XSS). The XSS Rat demonstrates XSS attacks. XSS Rat explains and demos cross-site scripting (xss) attacks. // MENU // 00:00 ▶️ We are taking over the world! 00:16 ▶️ Introducing//XSS Rat//Wesley 01:28 ▶️ What is XSS/ Cross Site Scripting? 02:59 ▶️ Types of XSS 05:15 ▶️ Reflected XSS 06:22 ▶️ Example of data sanitization 07:35 ▶️ Circumventing filtering with the img tag 11:01 ▶️ Sending a Reflected XSS Attack to Someone 12:01 ▶️ Using HTML comments as an attack vector 13:49 ▶️ Using single quotes to break out of the i…
Watch on YouTube ↗ (saves to browser)

Chapters (27)

We are taking over the world!
0:16 Introducing//XSS Rat//Wesley
1:28 What is XSS/ Cross Site Scripting?
2:59 Types of XSS
5:15 Reflected XSS
6:22 Example of data sanitization
7:35 Circumventing filtering with the img tag
11:01 Sending a Reflected XSS Attack to Someone
12:01 Using HTML comments as an attack vector
13:49 Using single quotes to break out of the input tag
15:14 Don't use alert() to test for XSS
17:33 What you can do with Reflected XSS
19:26 Stored XSS
20:31 Using comments for XSS
21:05 Example #1 of Stored XSS on Twitter
21:42 Example #2 of Stored XSS
22:12 The answer to the ultimate question of life, the universe, and everything.
22:56 Stored vs Reflected XSS
24:22 AngularJS/Client Side Template Injection
25:06 Don't use JavaScript?
26:09 Where to learn more//XSS Survival Guide
27:04 DOM Based XSS
29:36 List of DOM sinks
30:12 jQuery DOM sinks
32:15 XSS Rat Live Training
33:00 Support XSS Rat//Wesley
34:06 Closing//Thanks, Wesley!

Playlist

Uploads from David Bombal · David Bombal · 0 of 60

← Previous Next →
1 RYU SDN Controller Part 3: OpenFlow 1.3: Practical GNS3 SDN and OpenFlow
RYU SDN Controller Part 3: OpenFlow 1.3: Practical GNS3 SDN and OpenFlow
David Bombal
 2 RYU SDN Controller Part 4: Graphical User Interface (GUI): Practical GNS3 SDN and OpenFlow
RYU SDN Controller Part 4: Graphical User Interface (GUI): Practical GNS3 SDN and OpenFlow
David Bombal
 3 GNS3 Talks: IOSvL2 switching appliance import & configuration
GNS3 Talks: IOSvL2 switching appliance import & configuration
David Bombal
 4 HPE Network Protector SDN Application Part 1 - Introduction
HPE Network Protector SDN Application Part 1 - Introduction
David Bombal
 5 HPE Network Protector SDN Application Part 2 : DNS Interception using OpenFlow
HPE Network Protector SDN Application Part 2 : DNS Interception using OpenFlow
David Bombal
 6 HPE Network Protector SDN Application Part 3 - Lab Setup using Physical Switches
HPE Network Protector SDN Application Part 3 - Lab Setup using Physical Switches
David Bombal
 7 HPE Network Protector SDN Application Part 4 - Demo of malicious websites blocked
HPE Network Protector SDN Application Part 4 - Demo of malicious websites blocked
David Bombal
 8 HPE Network Protector SDN Application Part 5 - Demo OpenFlow table interception flows
HPE Network Protector SDN Application Part 5 - Demo OpenFlow table interception flows
David Bombal
 9 HPE Network Protector SDN Application Part 6 - Demo of Physical Switch configuration
HPE Network Protector SDN Application Part 6 - Demo of Physical Switch configuration
David Bombal
 10 GNS3 Talks: IOSv Appliance - get IOS 15.X on GNS3
GNS3 Talks: IOSv Appliance - get IOS 15.X on GNS3
David Bombal
 11 HPE Network Protector SDN Application Part 7 - Demo Service Insertion Tunnel / GRE Tunnel
HPE Network Protector SDN Application Part 7 - Demo Service Insertion Tunnel / GRE Tunnel
David Bombal
 12 HPE Network Protector SDN Application Part 8 - Demo SDN OpenFlow Reporting
HPE Network Protector SDN Application Part 8 - Demo SDN OpenFlow Reporting
David Bombal
 13 HPE Network Protector SDN Application Part 9 - Demo switches interception of DNS traffic
HPE Network Protector SDN Application Part 9 - Demo switches interception of DNS traffic
David Bombal
 14 GNS3 Talks: GNS3 version 1.5.X Appliance Tips
GNS3 Talks: GNS3 version 1.5.X Appliance Tips
David Bombal
 15 CCNA 200-125 Exam: AAA demo: TACACS+ with GNS3
CCNA 200-125 Exam: AAA demo: TACACS+ with GNS3
David Bombal
 16 CCNA 200-125 Exam: PPPoE Server Demo with GNS3
CCNA 200-125 Exam: PPPoE Server Demo with GNS3
David Bombal
 17 CCNA VLOG #001: Troubleshooting OSPF for the CCNA 120-125 exam
CCNA VLOG #001: Troubleshooting OSPF for the CCNA 120-125 exam
David Bombal
 18 CCNA VLOG #002: Q&A: Loopback? What? Why? CCNA 120-125 questions
CCNA VLOG #002: Q&A: Loopback? What? Why? CCNA 120-125 questions
David Bombal
 19 GNS3 Talks: Install GNS3 1.5.X on a Mac with GNS3 VM
GNS3 Talks: Install GNS3 1.5.X on a Mac with GNS3 VM
David Bombal
 20 CCNA VLOG #003: What's your name? That won't work! CCNA Troubleshooting
CCNA VLOG #003: What's your name? That won't work! CCNA Troubleshooting
David Bombal
 21 CCNA VLOG #004: IP default gateway versus default route
CCNA VLOG #004: IP default gateway versus default route
David Bombal
 22 CCNA VLOG #005: Why is the network broken? CCNA 200-125 Troubleshooting
CCNA VLOG #005: Why is the network broken? CCNA 200-125 Troubleshooting
David Bombal
 23 CCNA VLOG #006: Troubleshoot Telnet issues in preparation for the CCNA 200-125 exam
CCNA VLOG #006: Troubleshoot Telnet issues in preparation for the CCNA 200-125 exam
David Bombal
 24 CCNA VLOG #007: BGP configuration and verification for the CCNA 200-125 exam
CCNA VLOG #007: BGP configuration and verification for the CCNA 200-125 exam
David Bombal
 25 CCNA VLOG #008: BGP troubleshooting for the CCNA 200-125 exam
CCNA VLOG #008: BGP troubleshooting for the CCNA 200-125 exam
David Bombal
 26 CCNA VLOG #009: BGP troubleshooting 2 - lost BGP route - CCNA 200-125 exam
CCNA VLOG #009: BGP troubleshooting 2 - lost BGP route - CCNA 200-125 exam
David Bombal
 27 GNS3 2.0.0 beta 2 install
GNS3 2.0.0 beta 2 install
David Bombal
 28 CCNA VLOG #010: Q&A: Loopbacks? Another good reason to use loopbacks! CCNA 120-125
CCNA VLOG #010: Q&A: Loopbacks? Another good reason to use loopbacks! CCNA 120-125
David Bombal
 29 CCNA VLOG #011: BGP troubleshooting 3 - Neighbor down! CCNA 200-125 exam
CCNA VLOG #011: BGP troubleshooting 3 - Neighbor down! CCNA 200-125 exam
David Bombal
 30 CCNA #012: Learn SNMP with GNS3, Wireshark and Solarwinds NPM - CCNA 200-125 exam
CCNA #012: Learn SNMP with GNS3, Wireshark and Solarwinds NPM - CCNA 200-125 exam
David Bombal
 31 CCNA #013: Spanning Tree CCNA Exam Questions: Know the answer? CCNA 200-125 exam
CCNA #013: Spanning Tree CCNA Exam Questions: Know the answer? CCNA 200-125 exam
David Bombal
 32 CCNA #014: Routing decisions? OSPF or EIGRP? CCNA 200-125 exam questions
CCNA #014: Routing decisions? OSPF or EIGRP? CCNA 200-125 exam questions
David Bombal
 33 CCNA #015: DHCP Server and client configuration using Cisco IOS: CCNA 200-125 exam
CCNA #015: DHCP Server and client configuration using Cisco IOS: CCNA 200-125 exam
David Bombal
 34 CCNA #016: OSPF, EIGRP, RIP or Static Routes? Routing decisions? CCNA 200-125 exam
CCNA #016: OSPF, EIGRP, RIP or Static Routes? Routing decisions? CCNA 200-125 exam
David Bombal
 35 GNS3 2.0.0 beta : GNS3 VM integration with GNS3 GUI
GNS3 2.0.0 beta : GNS3 VM integration with GNS3 GUI
David Bombal
 36 CCNA #017: What is a RIB Failure? EBGP versus IBGP? CCNA 200-125 exam questions
CCNA #017: What is a RIB Failure? EBGP versus IBGP? CCNA 200-125 exam questions
David Bombal
 37 CCNA #018: Routing exam questions: Who wins? OSPF, EIGRP or RIP? Sure? CCNA 200-125 exam
CCNA #018: Routing exam questions: Who wins? OSPF, EIGRP or RIP? Sure? CCNA 200-125 exam
David Bombal
 38 CCNA #019: Spanning Tree CCNA Exam Questions: Root Bridge, Root Port and more: CCNA 200-125 exam
CCNA #019: Spanning Tree CCNA Exam Questions: Root Bridge, Root Port and more: CCNA 200-125 exam
David Bombal
 39 CCNA #020: Static NAT Demo: CCNA 200-125 exam
CCNA #020: Static NAT Demo: CCNA 200-125 exam
David Bombal
 40 GNS3 Talks: GNS3 and Physical device OSPF route exchange
GNS3 Talks: GNS3 and Physical device OSPF route exchange
David Bombal
 41 GNS3 Download, installation and configuration - GNS3 1.5.3 and Windows 10
GNS3 Download, installation and configuration - GNS3 1.5.3 and Windows 10
David Bombal
 42 ESXi Part 1: GNS3, VMware ESXi and the GNS3 VM
ESXi Part 1: GNS3, VMware ESXi and the GNS3 VM
David Bombal
 43 CCNA VLOG #021 EIGRP Neighbor Troubleshooting: Debugs show not common Subnet: CCNA 200-125 Exam
CCNA VLOG #021 EIGRP Neighbor Troubleshooting: Debugs show not common Subnet: CCNA 200-125 Exam
David Bombal
 44 ESXi Part 2: GNS3, VMware ESXi and the GNS3 VM
ESXi Part 2: GNS3, VMware ESXi and the GNS3 VM
David Bombal
 45 ESXi Part 3: GNS3, VMware ESXi and the GNS3 VM
ESXi Part 3: GNS3, VMware ESXi and the GNS3 VM
David Bombal
 46 ESXi Part 4: GNS3, VMware ESXi and the GNS3 VM
ESXi Part 4: GNS3, VMware ESXi and the GNS3 VM
David Bombal
 47 CCNA #022 EIGRP Neighbor Troubleshooting for the CCNA 200-125 Exam
CCNA #022 EIGRP Neighbor Troubleshooting for the CCNA 200-125 Exam
David Bombal
 48 GNS3 VM Integration: GNS3 1.5.3, VMware and Windows 10 with GNS3 Talks
GNS3 VM Integration: GNS3 1.5.3, VMware and Windows 10 with GNS3 Talks
David Bombal
 49 GNS3 GUI and VM upgrade on Windows: How to upgrade to 1.5.3 (includes GNS3 VM upgrade process)
GNS3 GUI and VM upgrade on Windows: How to upgrade to 1.5.3 (includes GNS3 VM upgrade process)
David Bombal
 50 CCNA #023 EIGRP Neighbor Troubleshooting (DUAL Issues) for the CCNA 200-125 Exam
CCNA #023 EIGRP Neighbor Troubleshooting (DUAL Issues) for the CCNA 200-125 Exam
David Bombal
 51 CCNA #024 EIGRP Retransmission retry limit exceeded? EIGRP Neighbor Troubleshooting CCNA
CCNA #024 EIGRP Retransmission retry limit exceeded? EIGRP Neighbor Troubleshooting CCNA
David Bombal
 52 GNS3 Talks: Integrate Windows Virtual Machine with GNS3 = GNS3+GNS3 VM + Windows 10 VM + Cisco
GNS3 Talks: Integrate Windows Virtual Machine with GNS3 = GNS3+GNS3 VM + Windows 10 VM + Cisco
David Bombal
 53 GNS3 GUI and VM upgrade on Mac OS X: How to upgrade to 1.5.3 (includes GNS3 VM upgrade process)
GNS3 GUI and VM upgrade on Mac OS X: How to upgrade to 1.5.3 (includes GNS3 VM upgrade process)
David Bombal
 54 CCNA #025 EIGRP Neighbor Troubleshooting for the CCNA 200-125 Exam
CCNA #025 EIGRP Neighbor Troubleshooting for the CCNA 200-125 Exam
David Bombal
 55 CCNA #026 EIGRP Neighbor Troubleshooting (no neighbors) for the CCNA 200-125 Exam
CCNA #026 EIGRP Neighbor Troubleshooting (no neighbors) for the CCNA 200-125 Exam
David Bombal
 56 GNS3 2.0 Architecture and schema Part 1: What is the GNS3 Controller?
GNS3 2.0 Architecture and schema Part 1: What is the GNS3 Controller?
David Bombal
 57 GNS3 2.0 Architecture and schema Part 2: Emulators and virtualization
GNS3 2.0 Architecture and schema Part 2: Emulators and virtualization
David Bombal
 58 CCNA #027 200-125 Exam: MAC OS Simulator - are you ready for exam sims?
CCNA #027 200-125 Exam: MAC OS Simulator - are you ready for exam sims?
David Bombal
 59 GNS3 Talks: Mac OS with Windows 10 Virtual Machine = Mac+GNS3+GNS3 VM+Windows 10 VM+Cisco
GNS3 Talks: Mac OS with Windows 10 Virtual Machine = Mac+GNS3+GNS3 VM+Windows 10 VM+Cisco
David Bombal
 60 GNS3 2.0 New Features: Smart packet capture and capture on any link
GNS3 2.0 New Features: Smart packet capture and capture on any link
David Bombal
Cookie banners manufactured consent #Vergecast
Next Up
Cookie banners manufactured consent #Vergecast
The Verge