Advanced XSS

Hi there!,

I had solved Portswigger Labs and had an basic idea on XSS.
This time, I wanted to learn advanced way of exploiting XSS.
This blog contains the references for the same.

Topic - XSS

Labs/Challenges

• https://xss.pwnfunction.com/
  (Nice challenges by @Pwnfuncton)

• https://securitymb.github.io/xss/1/
  (Awesome Challenge Series by @SecurityMB)

• https://portswigger.net/web-security/dom-based/dom-clobbering/
  (DOM Clobbering Portswigger Labs)

• https://public-firing-range.appspot.com/
  (Different types of XSS attacks by google specially designed to test out the security scanners)

• http://brutelogic.com.br/chall/minified.php
  (Challenge on Double reflection)

Resources

• https://brutelogic.com.br/blog/
  (Awesome collection of blogs by @brutelogic)

• https://netsec.expert/posts/xss-in-2021/index.html
  (Cheat Sheet by @SamuelAnttila)

• https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
  (Portswigger Cheat Sheet)

• https://medium.com/@terjanq/dom-clobbering-techniques-8443547ebe94
  (Nice blog on explaining DOM clobbering attacks by @terjanq)

• https://github.com/terjanq/Tiny-XSS-Payloads
  (Collection of short XSS Payloads)

• https://github.com/s0md3v/AwesomeXSS
  (Payloads and Resources By @s0md3v)

• https://www.w3schools.com/js/tryit.asp?filename=tryjs_editor
  (Online JS editor for playing with the payloads)

Feel free to drop any suggestions via my social handles.
Thanks for reading!!!.