Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

DOM Clobbering, Prototype Pollution and XSS Walkthrough - Amateurs CTF 2023

CryptoCat via YouTube

Start learning Write review
Simplilearn Ad

Build with Azure OpenAI, Copilot Studio & Agentic Frameworks — Microsoft Certified

Learn More → DataCamp Ad

Power BI Fundamentals - Create visualizations and dashboards from scratch

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Learn how to solve the "sanity" web challenge from Amateurs CTF 2023 in this detailed video walkthrough that demonstrates advanced web security concepts including DOM clobbering, prototype pollution, and XSS attacks. Follow along with a step-by-step breakdown of the challenge's functionality, comprehensive code review, and vulnerability chain analysis. Master practical exploitation techniques as you explore DOM clobbering implementation, execute prototype pollution attacks, and craft XSS payloads to steal cookies. Gain valuable insights into web security testing through hands-on demonstrations, complete with detailed explanations suitable for beginners in penetration testing and CTF competitions.

Syllabus

Start
Explore functionality
Code review
Vulnerability chain breakdown
Browser issue detour
Attack plan
Step 1: Clobber the DOM
Step 2: Protoype Pollution
Step 3: XSS steal cookie
Recap
End

Taught by

CryptoCat

Reviews

Start your review of DOM Clobbering, Prototype Pollution and XSS Walkthrough - Amateurs CTF 2023

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.