YoVDO

Finding XSS on Apple.com and Building a Proof of Concept to Leak Your PII

Offered By: NahamSec via YouTube

Tags

Conference Talks Courses Cybersecurity Courses Ethical Hacking Courses Cross-Site Scripting (XSS) Courses

Course Description

Overview

Explore a conference talk from #NahamCon2022 featuring @zseano, who demonstrates the process of discovering and exploiting a cross-site scripting (XSS) vulnerability on .apple.com. Learn about initial reconnaissance techniques, fuzzing for XSS, achieving a working exploit, and building a proof of concept to potentially leak personally identifiable information (PII). Follow along as the speaker walks through each step of the bug bounty process, from initial discovery to crafting a compelling report. Gain insights into the mindset and methodology of successful bug hunters, and discover how to approach high-profile targets like Apple's domain.

Syllabus

Intro
Initial Recon & starting to fuzz for XSS
Achieving XSS
Working XSS - now what?
Back to recon
Building a proof of concept
Bounty?


Taught by

NahamSec

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network