Case Studies of Award-Winning XSS Attacks: Part 2

Focused View

Dawid Czagan

38:33

78 View

2 - XSS via XML

XSS via XML - Demo.mp4

04:53

XSS via XML - Overview.mp4

02:24

3 - XSS via Location.href

XSS via Location.href - Demo.mp4

05:03

XSS via Location.href - Overview.mp4

05:08

4 - XSS via Vbscript

XSS via Vbscript - - Demo.mp4

05:43

XSS via Vbscript - - Overview.mp4

04:22

5 - From XSS to Remote Code Execution

From XSS to Remote Code Execution - Demo.mp4

03:24

From XSS to Remote Code Execution - Overview.mp4

04:48

6 - Summary

Summary.mp4

02:48

Description

Learn How to Find Award-Winning XSSs in Modern Web Applications

What You'll Learn?

Learn How Hackers Earn a 4-digit Reward ($$$$) per Single XSS
Discover How to Find These XSSs Step-by-step in Practice (DEMOS)
Become a Successful Bug Hunter
Learn From One of The Top Hackers at HackerOne

Who is this for?

Penetration testers, ethical hackers, bug hunters, security engineers / consultants

More details

Description
This course is the follow-up to one of my previous courses â€“ "Case-Studies of Award-Winning XSS Attacks: Part 1". We will continue our XSS hunting journey and you will learn more about award-winning XSS attacks.
There are many people hunting for XSSs, but only a few of them are successful and earn a 4â€‘digit ($$$$) reward per single XSS. What makes them successful? They focus on nonâ€‘standard XSSs and this is exactly what I present in this course!
Iâ€™m one of the top hackers at HackerOne (among more than 100,000 registered hackers), and I really know how to make money out there. If you want to become a successful XSS hunter, then this course is just for you.
In Part 2 of Case-Studies of Award-Winning XSS Attacks, you will learn about the following non-standard XSS attacks:
1. XSS via XML
2. XSS via location.href
3. XSS via vbscript:
4. From XSS to Remote Code Execution
For every single bug there is a DEMO so that you can see how to find these bugs step-by-step in practice.
Do you want to become a successful XSS hunter? Letâ€™s enroll to this course and continue our exciting journey.
If you are interested in more award-winning XSS attacks, then I also recommend you to see the course "Case-Studies of Award-Winning XSS Attacks: Part 1".
Who this course is for:
Penetration testers, ethical hackers, bug hunters, security engineers / consultants

User Reviews

Rating

average 0

Total votes0

Focused display

Dawid Czagan is listed among Top 10 Hackers (HackerOne). He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter and other companies. Due to the severity of many bugs, he received numerous awards for his findings.Dawid Czagan shares his security bug hunting experience in his hands-on trainings “Hacking Web Applications – Case Studies of Award-Winning Bugs in Google, Yahoo, Mozilla and More” and “Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation”. He delivered security training courses at key industry conferences such as Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), DeepSec (Vienna), HITB GSEC (Singapore), BruCON (Ghent) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector.Dawid Czagan is a founder and CEO at Silesia Security Lab – a company which delivers specialized security testing and training services. To find out about the latest in Dawid Czagan’s work, you are invited to follow him on Twitter.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.