Ready for the real environment experience?
In this lab, you will conduct an XSS attack through a DVWA (Damn Vulnerable Web Application) and exploit a vulnerability to hijack a user's browser session cookie.
Upon completion of this lab, you will be able to:
- Navigate through DVWA to perform an XSS attack to retrieve a session cookie
This lab is intended for:
- Individuals who want to learn how to perform XSS attacks through websites
- Security engineers who want to understand the security level of their websites to avoid XSS attacks
- People who want to know how an XSS attack can be performed
This lab has no prerequisites.
About the Author
Richard Beck is Head of Cyber Security at QA, responsible for the entire Cyber Security portfolio. He works with customers to build effective and successful security training solutions tailored to business needs. Richard has over 10 years' experience in senior Information Security roles. Prior to QA, Richard was Head of Information Security for four years at Arqiva, which underpin 20% of the UK's Critical National Infrastructure. Richard also held Security and Technical Management posts at CPP, GEC, Pearson and the Royal Air Force. Richard sits on the IBM European Board of Security Advisors and previously chaired the Communication Industry Personnel Security Information Exchange (CPNI).