XSS Rat shows us how he hacks websites in 5 minutes and gets customers. He approaches companies and gives them 1 hour of free consultancy. But he is often able to hack their website in 5 minutes - and gain a new client :) He then shows them how they can better secure their websites against actual attacks.
// MENU //
00:00 - Coming up // Hacking websites in 5 minutes!
00:48 - Intro & Disclaimer
00:59 - How to hack websites with XSS
02:17 - Hacking websites demo
03:10 - CAPTCHA vulnerability
04:49 - CSRF token vulnerability
17:19 - Changing emails
20:36 - Client Side Template Injection
24:30 - Mass Assignment vulnerability
28:23 - Open Redirect vulnerability
31:54 - Stealing session tokens
34:44 - JWT vulnerability
38:37 - WordPress // Don't use plugins!
39:10 - Even experts can make mistakes
40:38 - Recommended security scanners
41:05 - Account takeover vulnerabilities
45:37 - Fight the cheese monster! // hackerats.com
52:00 - Thanks XSS Rat! // Free labs on hackxpert.com
52:52 - What to expect in the next video
53:26 - Conclusion