Bug Bounty Hunting For Client-Side Injections Part II - Reflected & Stored Cross-Site Scripting XSS скачать в хорошем качестве

Bug Bounty Hunting For Client-Side Injections Part II - Reflected & Stored Cross-Site Scripting XSS

🚀🔥🙏 Please consider becoming a member to support my work 🙏🔥🚀 Patreon -   / rs0n   Support! - https://buymeacoffee.com/rs0n.evolv3 New Discord! -   / discord   Hire Me! - https://ars0nsecurity.com Watch Live! -   / rs0n_live   Free Tools! - https://github.com/R-s0n Connect! -   / harrison-richardson-rs0n-7a55bb158   90% of the questions I get are about Cross-Site Scripting (XSS) and other Client-Side Injection attacks. Part I covered getting a client-side injection to execute, sometimes called "Popping an Alert". This video is the second in this series and covers weaponizing Reflected and Stored XSS. Part III will wrap up this series with weaponizing Dom-Based XSS, Client-Side Prototype Pollution (CSPP), and Blind XSS. I hope it helps!! Part I -    • Bug Bounty Hunting for Client-Side Injecti...   Repo - https://github.com/R-s0n/client-side-... 00:15 - Start of Slide Deck Presentation 08:10 - Types of Client-Side Injections 23:55 - Review Compensating Controls 51:33 - Weaponizing Client-Side Injections (Clip 1) 1:25:55 - Wrapping Up Slide Deck Presentation 1:27:18 - Setting Up the Lab 1:39:18 - How to Use the Training Lab 2:05:50 - Finding Good Targets for XSS (Clip 2) 2:40:41 - Showing Impact Using HIPAA 2:52:47 - Scanning for Reflected XSS Attack Vectors 3:37:10 - Finding Stored XSS Attack Vectors 4:32:30 - Weaponizing Reflected XSS (Clip 3) 6:09:07 - Weaponizing Stored XSS 7:19:40 - Wrap Up & Plans for Part III