What's your XSS methodology?

I'm working my way through the PNPT cert and on the web portion it covers the basics of XSS attacks (reflected, stored, DOM), then it shows you how to do a few examples.

I'm trying to build a methodology but it's a bit challenging. Most resources online either just tell you about XSS attacks and how to prevent them, how to solve very specific examples, or their methodologies are for more advanced situations beyond the scope of the course (i.e. filter and WAF bypassing).

I have a decent understanding of how each type works, but when faced with a challenge, my mind blanks out on how or where to start. Any tips on this?

submitted by /u/error_therror

from hacking: security in practice https://ift.tt/yGQ5X04
