Premium Resources

Training Courses

Free Resources

Cross Site Scripting

XSS enables attackers to inject client-side scripts into web pages by exploiting vulnerabilities in dynamically generated web pages. An attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application and cause various damages including data theft, session hijacking, redirecting the web page to another website, etc.

Reflected XSS:

Here the attacker will send a script as an input, and the attacker's contents will be reflected back to the victim. He can craft malicious scripts to get session cookies, redirect to a malicious web page, inject data, execute system commands and much more.

Reflected XSS

Source: https://itechhacks.com/xss-full-guide-tutorials/

Stored XSS:

Here the input entered by the attacker will be stored in the database; e.g. blog. Anyone visiting the page will have this script running, thus affecting everyone who visits that page.

Stored XSS

Source: https://itechhacks.com/xss-full-guide-tutorials/

Denial of Service attack:

An attacker with/without the help of bots can flood the target system and reduce, restrict or prevent the target system from providing service to the authorised clients.

Related Topics

What is Hacking? What is Ethical Hacking? Who is an Ethical Hacker?

CIA Triangle Important characteristics of Information Security, Functionality and Usability Triangle Phases of Hacking Different types of attacks Vulnerability Assessment Penetration Testing Information Security Laws, Standards and frameworks

What is Footprinting Objectives of Footprinting Footprinting Methodology

What is Scanning? Network Scanning Scanning Methodology

Enumeration and its Types NetBIOS Enumeration SNMP Enumeration LDAP Enumeration NTP Enumeration SMTP Enumeration DNS Enumeration

Goals of System Hacking Gaining Access Privilege Escalation Executing Applications Hiding Files Covering Tracks

Introduction to Malware Threats and its Types Virus Trojans Worms Rootkits, Spyware and Ransomware How to Detect Malicious Software

Sniffing and its Types ARP and CAM Table Active Sniffing Attacks DHCP Poisoning

Social Engineering and its Attacks Computer and Mobile Based Social Engineering

Denial of Service attacks and its Types

Session Hijacking and its Types Session Hijacking Process Session Hijacking Levels Network or TCP Session Hijacking

Web Server and its Types of Attacks

Web Application and its types of Attacks Injection Flaws Cross-Site Scripting Web Services Attacks Hacking Methodology

Introduction to SQL Injection Types of SQL Injection

Introduction to Hacking Wireless Networks Encryption Types Wi-Fi Attacks

Introduction to Hacking Mobile Devices Android Types of Android Attacks IOS Mobile Device Management

Firewall IDS: Intrusion Detection System Ways of Detecting Attacks

Introduction to Cryptography PKI: Public Key Infrastructure SSL: Secure Socket Layer

Introduction to Cloud Computing Types of Cloud Computing Benefits, Threats, and Attacks on Cloud Computing Security in Cloud

Premium Resources

Free Resources

Cross Site Scripting

Reflected XSS:

Stored XSS:

Related Topics

Company

Resources

Bootcamps

Premium Resources

Free Resources

Cross Site Scripting

Reflected XSS:

Stored XSS:

Related Topics

Ethical Hacking

Introduction to Ethical Hacking

Footprinting and Reconnaissance

Scanning

Enumeration

System Hacking

Malware Threats

Sniffing

Social Engineering

Denial of Service

Session Hijacking

Hacking Web Servers

Web Application Attacks

SQL Injection

Hacking Wireless Networks

Hacking Mobile Devices

Evading Firewall/IDS and Honey Bots

Cryptography

Cloud Computing