LFGA Web
XSS - Learning section
The Portswigger Web Academy
Link: XSS
After the activity
You now know:
- What an XSS is.
- How XSS works.
- Types of XSS attacks
- What reflected cross-site scripting is.
- How to exploit Reflected cross-site scripting.
- What reflected Stored cross-site scripting is.
- How to exploit Stored cross-site scripting.
- What reflected DOM-based cross-site scripting is.
- How to exploit DOM-based cross-site scripting.
- What XSS could be used for.
- The impact of XSS vulnerabilities.
- Some XSS payloads.
TryHackMe
Just like a review let's do this activity in TryHackMe.
After the activity
You now know:
- What an XSS is.
- How to exploit Reflected cross-site scripting.
- How to exploit Stored cross-site scripting.
- How to exploit DOM-based cross-site scripting.
- Some XSS payloads.
PayloadAllTheThings
Also remember that you can always visit PayloadAllTheThings if you need a payload or a brief explanation.
Link: XSS
Info!
There are many ways to exploit XSS and we will see different examples in the challenge section