XSS Learning Resources

Basics of what XSS is and where to learn more about it

Posted by Siddharth Balyan on October 30, 2020 · 3 mins read

XSS? wat dis

XSS (aka by its much uncooler name Cross-Site Scripting) is a web security vulnerability which allows an attacker to inject malicious code into a website, which in turn can lead to the compromise of a user’s account, session or cookies. This injected code affects and runs for the users of the website and has no real effect on the web server whatsoever. It affects the client and not the server.

Courtesy of Portswigger
Taken from Portswigger’s Web Security Labs

Reflected XSS

Arises when an application receives data in an HTTP request and includes that data within the response in an unsafe way. E.g.:

https://insecure-website.com/status?message=All+is+well.
<p>Status: All is well.</p>

The application does no processing of the data, so one can craft a URL like:

https://insecure-website.com/status?message=<script>/*+Bad+stuff+here...+*/</script>
<p>Status: <script>/* Bad stuff here... */</script></p>

The <script> tag gets executed once the victim loads this specific URL.

Stored XSS

Arises when an application receives data from an untrusted source and includes that data in its later HTTP responses insecurely, e.g. in a blog post comment section. Say a message board application allows you to post messages.

<p><script>/* Bad stuff here... */</script></p>

This script gets stored on the website as a message and runs in the browser of anyone who loads the page containing it.
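The reflected and stored cases above share one root cause: untrusted text is written into HTML without output encoding. The following is an added example, not code from the original post or from Portswigger; it renders the same /status page and comment list with and without encoding, and all function names and sample inputs are hypothetical and constructed for illustration.

```javascript
// Added example: hypothetical handlers for the /status page and comment list.

// Characters that let text break out of an HTML text node or quoted attribute.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

// Encode untrusted text so the browser displays it instead of parsing it.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pull the `message` query parameter out of the request URL.
function messageFromUrl(requestUrl) {
  return new URL(requestUrl).searchParams.get("message") || "";
}

// Vulnerable: request data is concatenated straight into the markup.
function renderStatusUnsafe(requestUrl) {
  return `<p>Status: ${messageFromUrl(requestUrl)}</p>`;
}

// Hardened: the same data is HTML-encoded at the point of output.
function renderStatusSafe(requestUrl) {
  return `<p>Status: ${escapeHtml(messageFromUrl(requestUrl))}</p>`;
}

// Stored case: encode when rendering, whatever was saved earlier.
function renderComments(storedComments) {
  return storedComments.map((c) => `<p>${escapeHtml(c)}</p>`).join("\n");
}

// Constructed sample inputs, reusing the URLs and message from the text above.
const benignUrl = "https://insecure-website.com/status?message=All+is+well.";
const craftedUrl =
  "https://insecure-website.com/status?message=<script>/*+Bad+stuff+here...+*/</script>";
const storedComments = ["Nice post!", "<script>/* Bad stuff here... */</script>"];

console.log(renderStatusUnsafe(craftedUrl)); // markup contains a live <script> element
console.log(renderStatusSafe(craftedUrl));   // script text is shown, not executed
console.log(renderComments(storedComments));
```

This encoding is only correct for HTML text and quoted attribute values; data placed inside a script block, a URL or CSS needs the encoding for that context.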

DOM-Based XSS

Arises when an application contains some client-side JS that processes data in an unsafe way (writing it back to the DOM). If the attacker controls the value of the input field, they can craft malicious JS that causes their own script to execute.

WHERE CAN I LEARN MORE!?!?!

Considering the vast number of XSS resources, it might be difficult to keep track of them and choose which places to learn and practice XSS from.

Here are a few resources I used to practice, learn and refer to for XSS.

  1. Web Security Academy - XSS Learning Material: Personally, I’ve found Web Security Academy to be an amazing resource to learn security topics from. I read through the contents and tried to make notes, which I’ve linked down below.
  2. DVWA: After learning and absorbing some material, I downloaded Metasploitable2 (which has DVWA and Mutillidae preloaded on it) and did the easy and medium level XSS challenges.
  3. OWASP Juice Shop: I’m currently doing all the XSS challenges from the Juice Shop.
  4. Web Security Academy - XSS Labs: After this, I plan to complete all the XSS labs on Web Security Academy.

This is a blog in progress, and as I continue on my security journey, I plan to add more stuff and references to it. In the meantime, check out my personal notes here.