Finding XSS on Apple.com and Building a Proof of Concept to Leak Your PII

Offered By: NahamSec via YouTube

Tags

Conference Talks Courses, Cybersecurity Courses, Ethical Hacking Courses, Cross-Site Scripting (XSS) Courses

Course Description

Overview

Explore a conference talk from #NahamCon2022 featuring @zseano, who demonstrates the process of discovering and exploiting a cross-site scripting (XSS) vulnerability on .apple.com. Learn about initial reconnaissance techniques, fuzzing for XSS, achieving a working exploit, and building a proof of concept to potentially leak personally identifiable information (PII). Follow along as the speaker walks through each step of the bug bounty process, from initial discovery to crafting a compelling report. Gain insights into the mindset and methodology of successful bug hunters, and discover how to approach high-profile targets like Apple's domain.

Syllabus

Intro
Initial Recon & starting to fuzz for XSS
Achieving XSS
Working XSS - now what?
Back to recon
Building a proof of concept
Bounty?


Taught by

NahamSec
