Member-only story

XSS Introduction Walkthrough Notes | TryHackMe

3 min read2 days ago

Room: https://tryhackme.com/room/xssintroduction

We explore how XSS works, learning how input fields can run scripts, steal data, and affect users, showing how different types behave and why proper filtering is important.

Friendly Access here!

Task 2: Important Terminologies

What is the URL parameter in the URL http://google.com/text=?

text

Which is the most renowned scripting language for adding interactivity to the DOM?

JavaScript

Task 3: XSS Payloads

Which document property could contain the user’s session token?

document.cookie

Which JavaScript method is often used as a Proof of Concept?

alert

Task 4: Reflected XSS — Non-Persistent

What is the text shown in the alert pop-up after a successful XSS attack?

Hack

Solution:

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app

Or, continue in mobile web

Already have an account? Sign in

Written by Sle3pyHead 👨‍💻

471 followers

31 following

I use this space to save my notes and review them later.

No responses yet

Write a response

What are your thoughts?

Recommended from Medium

Sudoroot

May 17

TryHackMe: Token City

Investigating a Malicious AI App and Recovering Encrypted Files

System Weakness

Francesco Pastore

Apr 11

THM - Plant Photographer

A writeup for “Plant Photographer” on TryHackMe.

TryHackMe: CSRF Introduction — Full Walkthrough

InfoSec Write-ups

Hibullahi AbdulAzeez

Apr 7

TryHackMe: CSRF Introduction — Full Walkthrough

Difficulty: Easy | Category: Web Application Security | Time: 60 minutes

Intro to AD Breaching | TryHackMe | practical challenge

Jose Praveen

May 13

Intro to AD Breaching | TryHackMe | practical challenge

Explore AD breaching including username enumeration, password spraying, coercion, and mitigations.

Jawstar Security

Jawstar

Apr 9

Water Bottle Tryhackme Writeup

Author : Jawstar

Valenfind Walkthrough (TryHackMe): Love at First Breach CTF

Sahand Babali

Feb 14

Valenfind Walkthrough (TryHackMe): Love at First Breach CTF

This challenge is from the Love at First Breach Valentine event on TryHackMe.

See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech

XSS Introduction Walkthrough Notes | TryHackMe

Task 2: Important Terminologies

Task 3: XSS Payloads

Task 4: Reflected XSS — Non-Persistent

Create an account to read the full story.

Written by Sle3pyHead 👨‍💻

No responses yet

More from Sle3pyHead 👨‍💻

Guided Pentest: Infrastructure Walkthrough Notes | TryHackMe

Step by step infrastructure testing from access to deeper system control

AI System Reconnaissance Walkthrough Notes | TryHackMe

Walkthrough of finding and understanding exposed AI systems

LLM Security Walkthrough Notes | TryHackMe

A straightforward walkthrough of the LLM security challenges on TryHackMe.

AI Models & Data Walkthrough Notes | TryHackMe

AI models and data notes from TryHackMe room overview