Rat hacks website in 5 minutes 😱

XSS Rat shows us how he hacks websites in 5 minutes and get customers. He approaches companies and gives them 1 hour of free consultancy. But, he is often able to hack their website in 5 minutes - and gain a new client :) He then shows them how they can better secure their websites against actual attacks. XSS Rat's new course: https://davidbombal.wiki/xssratpentest // MENU // 00:00 - Coming up // Hacking websites in 5 minutes! 00:48 - Intro & Disclaimer 00:59 - How to hack websites with XSS 02:17 - Hacking websites demo 03:10 - CAPTCHA vulnerability 04:49 - CSRF token vulnerability 17:19 - Changing emails 20:36 - Client Side Template Injection 24:30 - Mass Assignment vulnerability 28:23 - Open Redirect vulnerability 31:54 - Stealing session tokens 34:44 - JWT vulnerability 38:37 - WordPress // Don't use plugins! 39:10 - Even experts can make mistakes 40:38 - Recommended security scanners 41:05 - Account takeover vulnerabilities 45:37 - Fight the cheese monster! // hackerats.com 52:00 - Thanks XSS Rat! // Free labs on hackxpert.com 52:52 - What to expect in the next video 53:26 - Conclusion // Previous video // XSS hacking: https://youtu.be/PzRQhpbYbeg // NEW COURSE // Get XSS Rat's New Pentest course: https://davidbombal.wiki/xssratpentest // Demo Sites // This video: https://hackxpert.com/00032422342/ratsite/ Others mentioned: - https://hackxpert.com/labs - https://hackxpert.com/ratsite // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal // XSS Rat SOCIAL // Twitter: https://twitter.com/theXSSrat YouTube: youtube.com/c/TheXSSrat Website: https://thexssrat.podia.com/ // XSS Rat's Udemy course // New Pentest course: https://davidbombal.wiki/xssratpentest XSS Survival