XSS Rat shows us how he hacks websites in 5 minutes and gets customers. He approaches companies and gives them 1 hour of free consultancy, but he is often able to hack their website in 5 minutes and gain a new client 🙂 He then shows them how they can better secure their websites against actual attacks.

// MENU //
00:00 – Coming up // Hacking websites in 5 minutes!
00:48 – Intro & Disclaimer
00:59 – How to hack websites with XSS
02:17 – Hacking websites demo
03:10 – CAPTCHA vulnerability
04:49 – CSRF token vulnerability
17:19 – Changing emails
20:36 – Client Side Template Injection
24:30 – Mass Assignment vulnerability
28:23 – Open Redirect vulnerability
31:54 – Stealing session tokens
34:44 – JWT vulnerability
38:37 – WordPress // Don’t use plugins!
39:10 – Even experts can make mistakes
40:38 – Recommended security scanners
41:05 – Account takeover vulnerabilities
45:37 – Fight the cheese monster! // hackerats.com
52:00 – Thanks XSS Rat! // Free labs on hackxpert.com
52:52 – What to expect in the next video
53:26 – Conclusion

// Previous video //
XSS hacking: https://youtu.be/PzRQhpbYbeg

// Demo Sites //
This video: https://hackxpert.com/00032422342/ratsite/
Others mentioned:
https://hackxpert.com/labs
https://hackxpert.com/ratsite

// David’s SOCIAL //

================
Connect with me:
================
Discord: http://discord.davidbombal.com

Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main Channel: https://www.youtube.com/davidbombal
YouTube Tech Channel: https://www.youtube.com/channel/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips Channel: https://www.youtube.com/channel/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts Channel: https://www.youtube.com/channel/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ

// XSS Rat SOCIAL //
Twitter: https://twitter.com/theXSSrat
YouTube: youtube.com/c/TheXSSrat
Website: https://thexssrat.podia.com/

// XSS Rat’s Udemy course //
XSS Survival Guide: https://www.udemy.com/course/xss-survival-guide/

// XSS Rat’s courses and bootcamps //
https://thexssrat.podia.com/

Disclaimer: This video is for educational purposes only.