Which XSS payloads get the biggest bounties? - Case study of 174 reports

📕 Access the whole case study: https://members.bugbountyexplained.co...
📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on twitter: https://bbre.dev/tw

Recently, I did a case study of 174 XSS bug bounty reports to learn how people are actually making money with cross-site scripting. In this video, I'm showing you which payloads were the most common, which I think we should use, and how some reports could have been improved.

🖥 Get $100 in credits for Digital Ocean: https://bbre.dev/do

Timestamps:
00:00 Intro
01:38 Advantages of using img onerror vs using the script payload
09:54 The javascript protocol
14:43 Payloads with other event handlers and what you should do before sending the report
18:47 XSS Hunter payloads
21:37 SVG payloads
23:55 Other payloads
27:59 Get access to the database with all the reports
