Uncle Rat's XSS Guide

Digging up the dark corners of XSS

What you'll learn

General XSS Attack strategy
XSS Contexts
Reflected XSS
Stored XSS
DOM XSS
Several other advanced XSS techniques...
What can i do for you?
Cross-site scripting is a vulnerability type that every serious ethical hacker needs to have in their skillset. A lot of hackers have probably heared of this issue type or know it very superficially but did you know XSS is anything but superficial?

XSS can occur in a range of different contexts and where mosts courses focus only on the HTML injection side of things, this course aims to draw you in with it's playfully designed labs and easy to follow presentations.

In the end you'll be treated to my personal cheat sheet as well as a way to passively and actively check for XSS vulnerabilities. Are you ready to level up your XSS Game?

This course is great of people who want to actively test for XSS or for people who want to actively defend from it.

Not only are we going to go over the theory of what an XSS attack consists of, we'll be showing you as well in both a guided video form on some free pratice resources online but also in a guided lab which gives you an objective, a website to hack and that's it.


Your Instructor


Wesley Thijs
Wesley Thijs

I am the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were. As a software test i have a unique skill set that centers around logic flaws and IDORs which i have not seen very much by other hunters. This gives me the advantage of finding less duplicates and maximizing my chance of finding a vulnerability by picking the correct target and applying the correct test strategy.


Course Curriculum


  XSS - Intro
Available in days
days after you enroll
  XSS - Ultimate beginner guide
Available in days
days after you enroll
  Stored XSS - in depth
Available in days
days after you enroll
  Reflected XSS in depth
Available in days
days after you enroll
  DOM XSS
Available in days
days after you enroll
  XSS Filter Evasion Techniques
Available in days
days after you enroll
  XSS Filter Bypasses - Lab solutions
Available in days
days after you enroll
  XSS - Advanced techniques
Available in days
days after you enroll
  Analyzing JS files
Available in days
days after you enroll
  CSP - Content security protection AKA why is my JS not executing?
Available in days
days after you enroll
  WAF evasion techniques
Available in days
days after you enroll
  ASP.net XSS
Available in days
days after you enroll
  XSS Attacks
Available in days
days after you enroll
  Extra Video Files
Available in days
days after you enroll
  CSS XSS
Available in days
days after you enroll
  XSS Cheat Sheet
Available in days
days after you enroll
  WAFs
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!