3.1 XSS Assessment

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

40 minutes
Video Transcription
everyone welcome back to the course. So in the last figure, we wrapped up our lab using the beef tool to create a browser hook on our victim. And then we also went ahead and made that hook persistent. So that way as a victim, click three different pages on the web page. We didn't actually lose the hook. We were keeping them infected. And we could look at all the information
in this video. I just want to mention how to find the assessments that I want you to do. So there are three assessments hands on, basically the hands on labs that I want to do for wrapping up this course. Now, I do not have step by step guides for these, and that's on purpose. That's an intent, because I want you to actually go through them and practice your skills.
So they're all pretty simple to find. All you have to do is come into the catalog. Here it is. Type in X s,
and you actually see all 31 that I mentioned in the syllabus document here, that cross site scripting, store bass fishing, the car site scripting score storage. Excuse me. And then the cross site scripting reflected
all these air by range force and only have to do is just click on them on this. Click on this reflected one. You cook the launch button here
and then similar to other items, you'll just click on the launch item button that'll open it intended Tap for you. Now let's go ahead and launch the lab environment.
Now what you'll see is it looks a little different than some of the other labs that we do in these courses. It's just a different provider, and so they're things look a little different, and they're kind of like a mini like mission, so to speak is how they have designed so you can choose your location when you first launching. You can choose whatever location you want, and I'll just choose. Dallas has to make it easy on us.
It'll also give you that warning at the top there, about the cookies so you could know that Hey, they're collecting your cookies. So if you don't want that to happen, maybe open this and incognito browser or just in a virtual machine or something like that to run your labs and you see here just takes him over. So and against you Ah, kind of a walkthrough guide arm stuff.
You can go through the guide or you can skip it.
I'm gonna go ahead and skip the guide here for our purposes, and it's going to go ahead and get the the terminal window. Everything launched for you
s So that's basically how this lab environment works.
You know, you can go back on that will take you back to the screen where you could find some instructions, et cetera. You could say next here,
if you're done, you can end the mission. If you got everything done there, etcetera said, I'm gonna say Got got it to that option there.
So a lot of different things here that you can do in this particular environment, this particular one. It's just gonna take you to the terminal window, walking through from there. Some of the other ones. It will actually give you some instructions on the screen here, So that's basically how you find those. I want you to go through those. Take your time. They're probably gonna take a little longer than the traditional lab will.
I would probably budget at least two hours.
Um, to make sure you can go through everything properly. It's gonna take some time. There might be some readings, that sort of stuff. So go ahead. Do those and get your hands on skills, and those would be kind of the assessment's. Now, if you don't have access to the cyber lab environment, which I recommend you sign up and get that you could also just on your own. You see Mathilde Day tool
and set up. So Mito story reflected attacks and practice on your own.
But for everyone else that has access to the cyber lab environment, these are the three assessments that I want you to do. So again, those are the cross site scripting store based fishing, one
the cross site scripting stored and cross site scripting reflected. So I'll go back to the catalogue here
and just show you again, searching for those. So do searching for the workforce and scripting, and the catalog will pull those three up, so the top three search options here are the ones that you'll want to do.
All right, so in this video, we just showed you how to find the assessments that I want to do for this particular course to wrap it up, and then in the next video, we're just gonna wrap things up in our conclusion.
Up Next