haha thanks. unfortunately i took it down lol. gonna post the series again but a little more polished lol. Web app security stuff coming, deep dive. get ready. we are finding our first bugs on hacker one together.

So we are going to start by completing all 30 or so Portwisgger labs on XSS. XSS is a great place to start. Let's get really goot at it. So for today, lets do the first four portswigger labs on xss. And then we will complete the first module of the bug bounty job path on hack the box. the first module is easy, it's jsut about curl and a basic things about client / server model and all that stuff. Damn i kinda feel like doing the second module too. Lets do two. So remember, this is our two pronged attack. Hitting web app security from two different angles. HackTheBox AND Portswigger. ANd we can always add more. So remember,

so for the first three xss labs, watch the z3nsh3ll video for each one. And then try to do the lab yourself without looking at the solution. So in my video that i will soon post i might hit a few extra things like I might explain a few thing in even more detail or ya know ill teach something good in it promise. ANd just to prove to you that im keeping up with what i am saying so that we can all hold each other accountable. That i really went through 4 labs at understood them and yada yada yada.

So that’s a lot for our first day at this — 4 PortSwigger labs on XSS and the first two modules of the Hack The Box Bug Bounty Job Path. Ya know, just a bit for the first day. We will rev up as time goes by. I can't wait for all of us to make money.

k

Thank you for coming to my sillyforum. more interesting features on the way, and a new daily daily bug bounty study with me let's get our first bug bounty together series

K i am about to let you in on the best web app security resource. This guy really teach's web app security well. In my experience, kinda hard to find. Hard to find people who really go into the details, this guy explains it like you are in first grade. Portswigger themselves link to his videos, out of the 269 portwsigger web app security labs i would say z3nsh3ll probably has a walkthrough of a good 100 of them at least. HE GETS INTO IT. do like the 20 XSS labs with z3nsh3ll by your side and you will know more about xss than the average cyber person.

ahh yeah the mobile version doesn't have shit. Burp suite academy is really good. i reccomend one of the youtubers that portswigger links to. z3nsh3ll, he explains it really well. And the portswigger labs are fantastic. Everyone raves about those ask around. Also building a shity web app like this helps you understand how certain web apps can work. I recommend building a couple start with Flask or something like this, do that and also do portswigger at the same time that way you can understand it from a builders perspective and a hackers perspective , that way one day you can really attack them.

So i have decided to nail the BSCP, burp suite certified practitioner first. cause my burp suite pro expires in 3 months.

i have yet to implement delete posts lol sorry guys. just um make it blank for now if you want.

watch the last couple of videos in the active directory section of the course. watch the case studies.

Here's something I didn’t realize until recently while studying DOM-based vs. reflected XSS: The HTML you see when you right-click and Inspect Element is not the same as what you see in View Page Source. View Source shows the original HTML from the server. Inspect Element shows the live DOM after JavaScript has executed. This difference is huge when testing for XSS vulnerabilities. For example, with Reflected XSS, you might see the payload in View Source, but with DOM-based XSS, it’ll only appear in the DOM via Inspect Element. will make a video on this.