Workshop 07 - Cross-Site Scripting

Have you built a website or web app? Have you ever wondered what kind of dangerous things can happen or what’s the most common form of attack? The answer turns out to be Cross-Site Scripting a.k.a XSS. This deadly kind of vulnerability accounts for over 70% of a web application hacking and is ranked #1 in OWASP Top 10 vulnerabilities. In this workshop, we are going to take a closer look at XSS and try to understand what makes it so deadly. We will cover what are the common attack vectors hackers target and how to protect your applications against. Finally, we will share some of the best resources out there to learn advanced XSS, practice it safely and mitigation strategies to protect yourself against this attack.

Agenda of the event:

  1. Introduction to XSS
  2. Brief discussion of different types
  3. What Damage XSS can do
  4. How an XSS attack is initiated (Common attack vectors)
  5. Hands on demo (continued)
  6. Useful resources

The workshop will be online on Discord as we've been doing for a while now. Join here if you haven't already!