ShubhamJagtap2000 / Cross-site-Scripting

🐞 Understand how cross-site scripting occurs and how to detect and exploit XSS vulnerabilities, giving you control of other visitors' browsers.

Home Page: https://tryhackme.com/room/xss

Cross-site-Scripting (XSS) Walkthrough

Purpose of this repository

  1. Understand how cross-site scripting occurs and how to exploit it.
  2. Learn how to detect and exploit XSS vulnerabilities, giving you control of other visitors' browsers.
  3. This repo is open for contributions.

Learning Resources

TryHackMe XSS Hacktivity Room 1

TryHackMe XSS Hacktivity Room 2

Table of Contents

1. Introduction to XSS
2. Deploy the Machine

Deploy XSS Playground

3. XSS Payloads

Payload List

4. Stored XSS

Sample Payloads
Stored XSS Approach
Used Payloads
Scripts

5. Reflected XSS

Reflected XSS Approach
Sample Payloads

6. DOM XSS

DOM XSS Approach
Sample Payloads

7. Blind XSS
8. XSS For IP and Port Scanning

Used Scripts

9. Key-Logger With XSS
10. Filter Evasion

Scripts Used

11. Perfecting Your Payload

Level 1
Level 2
Level 3
Level 4
Level 5
Level 6
Payload List

12. Blind XSS Practical

Used Payloads

13. Protection Methods

Escaping
Validating Input
Sanitizing

14. Other Exploits

BeEF Tool

15. Further Learning

Important Links
XSS Reports
TryHackMe Rooms

16. XSS Polyglots
17. QnAs

⭐ this repo

About

License: MIT License


Languages

JavaScript 91.7%, HTML 8.3%