Hey Everyone ! Surendra Here ! Back With another Blog

This blog is a Part of “hacking source — all in one” YouTube series . If you don’t see this series introduction video then i highly recommend to watch it before get into blog.

Video link — https://www.youtube.com/watch?v=gBWLiZJE4R0

So Today’s topic is XSS(cross site scripting ) . We will see all the resource which is free available on internet and learn how to learn them in a Right sequence .

That’s Why we follow a structure , which is given below -

1.Basic Need to learn Cross site script .
2.Learn what is xss and how it’s work , type of xss , xss payload etc..
3.Hands on xss using lab .
4.Read real world found xss bug bounty reports .
5.Bonus !!

Let’s get start -

1.Basic Need to learn Cross site script :- Before you get into to learn xss you need to understand basic JavaScript , which is help you to understand XSS more effectively !

Source link to learn Basic JavaScript -

a.{Hindi}https://www.youtube.com/watch?v=hKB-YGF14SY&t=5143s b.{Hindi}https://www.youtube.com/watch?v=-lCF2t6iuUc&t=3s c.{English}https://www.youtube.com/watch?v=PkZNo7MFNFg

2.Learn what is xss and how it's work , type of xss , xss payload etc.. :- If you are totally new in xss then first you need to learn the concept of xss , and i think videos is butter way to introduce you to new thing because we can learn from videos more faster compare to other. so here is source links -

https://www.youtube.com/watch?v=GJd77zMLpJU [how to find xss in real world]

b.{English} - https://www.youtube.com/watch?v=EoaDgUgS6QA [personally my favorite]

https://www.youtube.com/watch?v=M_nIIcKTxGk&list=PL1A2CSdiySGIRec2pvDMkYNi3iRO89Zot [full playlist]

https://www.youtube.com/watch?v=cWu_FJUrH5Y&t=762s

https://www.youtube.com/watch?v=gkMl1suyj3M

3.Hands on xss using lab :- Okay Now you learn all about xss in theory ! Now it's time practice your xss skill throw hands on labs. source for practice xss on labs -

a.https://portswigger.net/web-security/cross-site-scripting (30 labs free)

b.https://xss.pwnfunction.com/

c.https://thexssrat.podia.com/free-labs (there are many lab but you can only focus
on xss)

4.Read real world found xss bug bounty reports - It's important to know how people find xss vulnerabilities in real world , so you can also found .

b.search on medium

c.search on google like - "xss vulnerability bug bounty reports"

d.Find xss reports on hacker-one hacktivist

5.Bonus - All payload in one place on GitHub :-

GitHub Repo link - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection

Okay after doing of these step now you are ready to find xss ! go and hunt on real world website , Best of luck ✌ !

You can subscribe my YouTube channel for future hacking related videos and updates !!
Channel link - https://www.youtube.com/c/TechnicalSurendrachannel

Thanks for reading this blog , If you find it valuable then give a applaud 👏👏 ,
Follow me & Share this blog to your friends and other community . i will see you in next blog . Till then keep learning keep exploring !

Peace ✌ !

My social medial accounts -
Tweeter - https://twitter.com/technicalSure
YouTube - https://www.youtube.com/channel/UCZq87M0I0-zEfLuyyfEeE6Q
Instagram - https://www.instagram.com/surendra_choudhary1241/
Linkedin - https://www.linkedin.com/in/surendra-choudhary-4066761b7/