Finding XSS on Apple.com and Building a Proof of Concept to Leak Your PII
Offered By: NahamSec via YouTube
Course Description
Overview
Explore a conference talk from #NahamCon2022 featuring @zseano, who demonstrates the process of discovering and exploiting a cross-site scripting (XSS) vulnerability on .apple.com. Learn about initial reconnaissance techniques, fuzzing for XSS, achieving a working exploit, and building a proof of concept to potentially leak personally identifiable information (PII). Follow along as the speaker walks through each step of the bug bounty process, from initial discovery to crafting a compelling report. Gain insights into the mindset and methodology of successful bug hunters, and discover how to approach high-profile targets like Apple's domain.
Syllabus
Intro
Initial Recon & starting to fuzz for XSS
Achieving XSS
Working XSS - now what?
Back to recon
Building a proof of concept
Bounty?
Taught by
NahamSec
Related Courses
Ethical HackingIndian Institute of Technology, Kharagpur via Swayam Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax MSc Cyber Security
Coventry University via FutureLearn Network Security - Introduction to Network Security
New York University (NYU) via edX Network Security - Advanced Topics
New York University (NYU) via edX