Cross-site scripting (XSS) یکی از رایج ترین آسیب پذیری های مورد بهره برداری در برنامه های وب است. به عنوان یک برنامه وب Pentester یا Bounty Bounty Hunter ، درک این امر از اهمیت حیاتی برخوردار است که چه عواملی باعث آسیب پذیری XSS ، نحوه شناسایی آنها می شود و چگونه می توان از آنها بهره برداری کرد. آسیب پذیری های Cross-site scripting (XSS) اغلب به دلیل عدم آگاهی در مورد چگونگی اسلحه JavaScript توسط مهاجمان ، مورد سوء تفاهم قرار می گیرند و مورد توجه قرار نمی گیرند. این دوره شما را به اسکریپت های متقابل در سایت معرفی می کند ، تفاوت بین XSS ذخیره شده ، بازتاب یافته و DOM را توضیح می دهد و به شما نشان می دهد که چگونه می توانید آسیب پذیری های XSS را در برنامه های وب از طریق ترکیبی از تکنیک های دستی و خودکار شناسایی و بهره برداری کنید.
لینک دانلود دوره آموزشی INE – Web Application Penetration Testing: XSS Attacks
حجم: 3.23 گیگابایت
دانلود – بخش اول
دانلود – بخش دوم
دانلود – بخش سوم
دانلود – بخش چهارم
رمز فايل: technet24.ir
Date: 2023
Publisher: INE
By: Alexis Ahmed
Duration: 8h 52m
Difficulty Level: Professional
Cross-site scripting (XSS) is one of the most commonly exploited vulnerabilities in web applications. As a web application pentester or bug bounty hunter, it is vitally important to understand what causes XSS vulnerabilities, how they can be identified, and how they can be exploited. Cross-site scripting (XSS) vulnerabilities are often misunderstood and overlooked by developers primarily due to a lack of knowledge on how Javascript can be weaponized by attackers. This course will introduce you to Cross-site scripting, explain the difference between Stored, Reflected, and DOM-Based XSS, and will show you how to identify and exploit XSS vulnerabilities in web applications through a mix of both manual and automated techniques.
Welcome
Introduction
Activities:1
Course Introduction
Introduction to XSS Attacks
Activities:7
Introduction to Cross-Site Scripting (XSS)
Test your knowledge: Introduction to Cross-Site Scripting (XSS)
Javascript Primer
Test your knowledge: Javascript Primer
Anatomy of a Cross-Site Scripting Attack
Test your knowledge: Anatomy of a Cross-Site Scripting Attack
XSS: Cross-Site Scripting Attacks
Reflected XSS
Activities:7
Introduction to Reflected XSS
Test your knowledge: Introduction to Reflected XSS
Reflected XSS
Exploiting Reflected XSS Vulnerabilities in WordPress
Test your knowledge: Exploiting Reflected XSS Vulnerabilities in WordPress CVE-2018-9034
Cookie Stealing Via Reflected XSS
Stored XSS
Activities:5
Introduction to Stored XSS
Test your knowledge: Introduction to Stored XSS
ApPHP MicroBlog
Exploiting Stored XSS Vulnerabilities in MyBB Forum
MyBB Downloads Plugin
DOM-Based XSS
Activities:5
Introduction to DOM-Based XSS
Test your knowledge: Introduction to DOM-Based XSS
Exploiting DOM-Based XSS Vulnerabilities
Test your knowledge: Exploiting DOM-Based XSS Vulnerabilities
Exploiting DOM-Based XSS Vulnerabilities
XSS Tools
Activities:2
Identifying & Exploiting XSS Vulnerabilities with XSSer
XSS Attack with XSSer
Goodbye
Conclusion
Activities:1
Course Conclusion
Hello, thank you for your updated site. I already had a yearly subscription, but I want to get an unlimited subscription. What should I do now? Thank
Thank you for choosing the site
Please send a ticket in this regard.
سلام. آیا امکانش هست دوره کاملش رو قرار بدید؟
https://ine.com/learning/courses/web-application-penetration-testing