Cross Site Scripting: Attack & Defense

Course

Online

£ 5 + VAT

Description

  • Type

    Course

  • Methodology

    Online

  • Start date

    Different dates available

The course is designed to teach the Cross Site Scripting (XSS) vulnerability through complete, practical, hands-on experience. Students will set up their own local penetration testing environment so they can practise in a safe and contained setting. They will learn what the Cross Site Scripting vulnerability really is and how the different types of XSS work. They will then follow an attacking approach to understand in depth how XSS attacks happen in real life, and learn to use different vulnerability scanners to find XSS vulnerabilities. They will also learn to prevent and restrict XSS attacks using methods such as escaping user input, Content Security Policy, etc., thus following a defensive approach, hence the name of the course: “Cross Site Scripting: Attack & Defense”. Last but not least, they will learn to use different cheat sheets to evade WAFs and firewalls, and to prevent XSS attacks by implementing secure coding practices and proper handling of untrusted data.

Facilities

  • Location

    Online

  • Start date

    Different dates available. Enrolment now open

About this course

Setup Lab Environment and test for XSS Vulnerability
Cross Site Scripting Fundamentals
How Different Types of Cross Site Scripting Work
Perform Different Cross Site Scripting Attacks - Phishing, Cookie Stealing & Session Hijacking
Use Automated Scanners like Wapiti, Uniscan, OWASP ZAP, Burp Suite Pro, to find and exploit XSS and to generate a detailed report
Difference between Passive and Active Scan
Apply Security Measures
Prevent or Restrict XSS using different Defensive Solutions - Escaping User Input, Content Security Policy, Using Appropriate Sources and Sinks, etc.
Difference between BlackListing and WhiteListing Approach
Use Filter Evasion Cheat Sheets to bypass WAFs and Firewalls, and Prevention Cheat Sheets to implement secure coding practices, and learn proper handling of untrusted data
Use different libraries and modules to add an extra security layer in web applications


Reviews

This centre's achievements

2021

All courses are up to date

The average rating is higher than 3.7

More than 50 reviews in the last 12 months

This centre has featured on Emagister for 4 years

Subjects

  • Approach

Course programme

Introduction (1 lecture, 05:50)

  • 1 - Introduction to the Course

Lab Setup (1 lecture, 08:41)

  • 2 - Installing and Configuring DVWA

XSS Fundamentals and Different Types (4 lectures, 37:31)

  • 3 - Introduction to Cross Site Scripting
  • 4 - Stored XSS
  • 5 - Reflected XSS
  • 6 - Dom Based XSS

XSS Attacks (2 lectures, 17:45)

  • 7 - Cookie Stealing with XSS
  • 8 - Phishing Attack

Scanning XSS (5 lectures, 40:42)

  • 9 - Wapiti Vulnerability Scanner
  • 10 - Uniscan Vulnerability Scanner
  • 11 - Finding XSS with OWASP ZAP - Part 1
  • 12 - Finding XSS with OWASP ZAP - Part 2
  • 13 - Finding XSS with Burp Suite Pro

Preventing XSS (4 lectures, 38:42)

  • 14 - Preventing XSS_Escaping User Input
  • 15 - Preventing XSS_Content Security Policy - Part 1
  • 16 - Preventing XSS_Content Security Policy - Part 2
  • 17 - Preventing Dom Based XSS

Cheat Sheets (1 lecture, 23:21)

  • 18 - Cheat Sheets

Libraries and Modules (1 lecture, 14:34)

  • 19 - Libraries & Modules

Additional information

  • Good Knowledge of HTML and JavaScript (Basic HTML tags, JavaScript Functions)
  • Basic Knowledge of HTTP Client-Server Architecture (How a client sends a request and a server sends a response back to the client)
  • Basic Knowledge of Linux Commands and tools (Moving a file, Copying a file, Starting Services etc.)
  • Optional Knowledge of Server Side Programming Language like PHP
  • OWASP top 10 (Not Mandatory)
  • Understanding of Virtualization Software like VMware/VirtualBox (Not Mandatory)
