Cross-Site Scripting (XSS) Explained And Demonstrated By A Pro Hacker!

"i hope you learn something valuable...". This is absolutely valuable,
I have been trying to find how dangerous XSS is, but never get satisfied answer except this one. Thanks loi!

Dude you deserve way more views. Straight to the essential, clear, understandable. You won a new follower !

Dude, I’ve been studying cyber for over two years. This is amazing. The first time I can actually see this in action. Thank you!

I'm brand new to IT and was reading about open web app projects and came across the word Cross Site Scripting. Your explanation and demonstration was so clear, concise and yeah, scary! Thank you. I'll be studying your content for sure!

I've tried many times to understand what is really happening with XSS and this was the best way it has ever been explained to me

This channel is gold. All I can say.

Best demonstration of XSS that I have ever seen - thank you

This is awesome... If someone is in hurry of preparing for the interview.. get this..

thank you man, now I can start my career with you here in UA-cam even before I go to university

You're a legend. Straight to the point and you spoke quickly with no filler.

Thank you so much. I'm a web developer and this info is a gold. You explained this in such way that anybody can understand the great risk. This is scary how easy it is to hack the site if it is not protected against these attacks.

Wow, I knew a little about XSS but I didn't had the creativity to think that this kind could be made with this technique! Thank you so much for the presentation!

just been assigned to a security project dealing with XSS, and your video is really helpful and valuablr . a big thumb up bro

Now I know how those infected sites have been hijacked before to host a phishing site, great demo!

Man this was awesome 🤩 being a CEH guy I was still not able to understand how to perform XSS in proper way but this one video cleared my all concept ❤ u deserve millions of likes and views

FIRST TIME I WATCHED THIS I WAS NO IDEA WHAT I'M WATCHING I DON'T UNDERSTAND ANYTHING BUT NOW FOR MONTHS STUDYING JAVASCRIPT AND DOM MANIPULATION I CAN NOW EASILY UNDERSTAND EVERYTHING, THE MORE I DIVE INTO TECH THE MORE MY PERSPECTIVE CHANGES ABOUT INTERNET

Loi you are the best! I love that you acutally shows us how XSS works rather than just explain it in pretty words :) Thank you so much!

Amazing video.
Went through various articles and demos explaining XSS but this one is by far the best one

I found great tutorial on XSS after several year, :) Thanks for sharing it so intuitively.

You got another subscriber. You explain and show the process so much better than Hack the Box. I’m currently slogging thru the Linux Fundamentals course and it is hard.

This guy doesn't spend 30 minutes speaking bullshit and only 2 minutes showing the real thing. I'm a fan

Wow, this is insane. Ngl I'm a little freaked out by this. Great information as always. Thanks 🤟👍

Extremely well done, found your video looking up what XXS was because i wanted to see how dangerous the CS2 exploit is. Thanks for the great info.

Clear and concise explanation and demonstration. Couldn't ask for better.

I have never been more confident about my cyber security career after watching this channel. You’re a gem. Thank you.

This has been the best explanation of what a XSS is. Thank you!

" i hope you learnt something valuable "
Is that a question sir ..
Your channel is a diamond thank you so much

Nice job. Next question is, this seems like an easy task to fix. What else should one do to protect yourself and what is the current state of XSS protection and danger?

I am a career shifter and my current work is related to cybersecurity, and thank you for this

instant subscribe worthy. clear explanation, clear voice, valuable content

I know that XSS is dangerous, but I never realised it can be this dangerous. +1 sub.

Ugh I hate all these spam hacker comments on every infosec video. Thank you for the content. Beautifully explained like always.

thank you just ran into a NoScript detected a potential Cross-Site Scripting attack wow this is helpful

on the process of getting my CompTIA. I was a little confused on this topic but wow. It really is scary. thank you for the video!

Thanks for the explanation. Now I can easily differentiate XSS attack from a Cors attack.

Wow you earned a sub and a ton of respect. You're fast, to the point, highly information-dense.. perfect level of difficulty for me. So happy the algorithm brought me here. Keep it up boss!

Amazing content Mr.Yang. Highly resourceful 👍

clear, concise and to the point explanation. Just amazing!

Perfect timing! I was actually testing it a few days ago!
PS: I didn't expect your password to be 12345678 :P

Game over..... Great info . Most useful channel 4 ethical hacking learning 👍👍👍👍👍

Hi Loi! Great video! Could you please make a video about your desktop setup or what you look for in laptops that are tailored for penetration testing?

So I was thinking: if you are going to look side ways, maybe you don't need a head cam when we see the work on the screen. Thanks for the video, very informative

This made my day! Thanks for the great explain the process and where to find them to test and prevent

Terrific content! Learning so many new techniques.

Excellent introduction on this topic ! Audio quality is great as well, keep it up :)

Thank you, you teach very well even if i already know most of things thats you show, you make them more understandable.

The best Chanel for learning ethical hacking

Thank you so much for letting me know how dangerous stored xss is .

Thank you for the detailed explanation. Can someone answer the question; does this kind of ethical hacking of your own site or apps allow some better capabilities for development?
I want to understand if this is helpful for developers to not get locked out or to better monitor traffic?

Invaluable information. Many thanks Loi!

Awesome video, as always. One suggestion though, could you post the links in the description? Thanks :)

What an awesome video! I’m glad I came across your videos, I have one real nooby question though…
If this SQL stuff is so easy to put into websites, what do banks, shopping or government websites use to protect themselves from these attacks?

Well explained. Just subscribed after watching your video for the first time.

Instant sub after the 1st video, good job explaining and the demonstration helps so much 👍

Your explanation is very clear and easy to understand

I'm a very beginner, but I'm interested in cyber security.... And it's pretty scary to see how easy it is to get your informations...

The problem is you can only realistically get better by practice and diverse practice against differing targets is likely against the law unless you have a job in pentesting.
It’s all fun and games until the authorities knock on your door.

Wow I love your episodes.......Guys let's get to 1million subscribers

XSS = GAME OVER. Thank you for creating great content!

Ty for the demo. However have a doubt. How does tool plant malicious js to another users browser. The demo showed is the js and user login is done in the same local machine. Can u make the server render the webpage with malicious js??

Good demonstration of XSS using a feedback form

Please start ... complete hacking course 🙏❤

What is the best spot on your channel for a beginner earning his SEC+?? I want to start practicing on my home network..

The only channel I watch when learning hacking:)

Nowadays all web frameworks come with really innovative input sanitization techniques which make XSS attacks absolutely useless. Any tricks to bypass these would be cool

All of us know we don't learn hack to hack our own system😂😂😂

Learning about Cyber security after the CS2 XSS exploit that was reported yesterday
I want to hear your opinion on that! It's actually making me really anxious

The most dangerous ones are the ones who created these apps for hacking purposes but thanks for sharing this great video love it thumbs up for you!

i always watch full ads video in your channel sir
so that you will bring more videos for free to us without any cost
thanks

I needed an example outside of the classroom's Vector Image with some script inside of it. I could see how thats easy to fall for

Good video, with wonderful description.
I have a doubt:
If I am a hacker-programmer, why should I try to execute ... inside a text box? I can make use of the browser developer console, right?
Another doubt:
In the video, you are entering email and comment (as a user). The hacker is entering email & script-in-the-comment-box. How the hacker got the user's credentials (to enter script in the user's homepage)?
OR you mean to say, the script provided through the comment box is set in the server code and will be available for all the users? (I am actually confused with XSS after user's login)

im a frontend developer, looking for a video how dangerous xss is, because i know nothing at all about how it will impact our data. hope to see a video how to prevent it as a developer from you because i love to see how you explain informations

You remind me of the guy from (youtube) PBS Space Time (but a non English version of him). :) Great tutorial. Always nice to see how these attacks are done so I can make my website and APPS more bullet proof. :)

So I Have A Question
You Type The Script to tht Web site does it affect other users or only you?
And Thank You For The Video

i suprised that subscribe button is highlighted when you mentioned it

Hello sir Loi Liang Yang, I learnt something new today 😀😀
Thank you ❤️❤️

What a valuable resource, so clear and easy to understand, thanks

wow amazing video, Im studying cyber security and knowing this its very useful! I'm subscribing!

in fact i've learned something valuable, Thank you from Algeria.

You seem experienced, could you bring down a website for me?

Just subbed, great content. Clear and concise

Dear Loi, just remember one thing, you are our hero....

That's awesome, but what is the use of XSS reflected, has the same level of danger?

alert("Eeeeeeeeeee");
//UA-cam can't be hacked that easily

Thank you so much, you do a great job of explaining it this helps me with my college XSS lab.

Any chance you have a Udemy or hacking course available?

So inserting the comment just completely took over the XSS vulnerable web server in question?
Loi, what exactly is happening on the web server that is enabling this?
Doesn't it still require someone to click the vulnerable link in the comments?

I use your site to help make my website and APPS in development more secure. Thx :)

You can prevent that in PHP using the strip_tags() function passing the input data into the function

Is there a video on how to take all the code of a site and make an identical for other project?

I love your content, I am working in coal mine industry, I learned linux and got a RHCE certification in 2020, how should I get my foot into cybersecurity?

Hey bud.. This is awesome, I am new bee with Kali Linux and offensive security world... though I have almost 13 years work experience as an Infra Architecture for Cisco UCS world, Just wanted to take my career towards Cyber Security, Could you please guide me.. Thank you!!

Love the attitude of this guy. Don't waste time

The video is very clear but my question is can you do this without beef? For example if you have access to a site can you write your own code to put in it, and also does it always change the url

What is this software you are using to execute the command

I just want to learn this because i want to make sure that my website is as secure as can be possible

Mobile hacking lectures !! plzzz ! BTW Love your Videos :
)

Please which operating os are you using

this is cool and all but it bothers me how late the webcam is with the audio 😅

This is total fun and amusement 🙂 Love your music Peace and Love from Sweden