Cyber Threats
Learn about cyberattacks and how to avoid them. You'll explore Malware, SQL Injection, Cross Site Scripting, Zero-Day Attacks, and more!
StartKey Concepts
Review core concepts you need to learn to master this subject
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS)
<script>alert(1);</script>
<img src="X" onerror=alert(1);>
<b onmouseover=alert(1)>click me!</b>
<body onload=alert('test1')>
Cross-Site Scripting (XSS) is a vulnerability that occurs when a web application returns unsanitized input to the front end of an application.
Three types of XSS attacks are:
- Stored XSS: when a server saves an attacker’s input into its datastores.
- Reflected XSS: when a user’s input is immediately returned back to the user.
- DOM-Based XSS: when user input is interpreted by the DOM, an attacker could inject arbitrary code.
The code shows examples of HTML tags that help attackers inject dangerous input.
Malware
Lesson 1 of 1
- 1It’s your first day on the job at Cybercademy — a new cybersecurity organization that helps companies improve their security practices. ### Your Task Identify various types of malware on an …
- 6While the presence of spyware makes it obvious something nefarious was installed on the computer, was anything else installed? Ugh, of course. After more digging, you find a Trojan Horse. Wow, is …
- 8The rootkit allowed someone access to this computer. What did they do with that access? You realize that the rootkit was used to deny the user access to files on their system that contain lots of i…
- 9It seems like nothing else could go wrong with this computer. If this was a game of malware bingo, you would be one step away from winning the jackpot. For fun, you investigate some command-line pr…
How you'll master it
Stress-test your knowledge with quizzes that help commit syntax to memory