What is Cross Site Scripting (XSS)?
Cross Site Scripting (XSS) is an attack on web applications in which an attacker injects malicious Java Script code into a web page, which is afterwards executed by other users browser when visiting the web page. The code can be injected in various places, such as URL parameters, a web form or a comments section.
When the victim then accesses the infected website, the malicious code is executed and can be used to steal personal data such as passwords or cookies, or to perform malicious actions such as redirecting to another website or altering the content of a website.
There are different types of XSS attacks, including stored XSS (the malicious code is stored on the server and executed each time the affected web page is accessed) and reflected XSS (the malicious code is embedded directly in the URL and executed each time the web page is requested).
binsec academy GmbH – Advanced Pentest Training Lab
binsec academy GmbH operates the Pentest Training Lab, a highly practical online platform dedicated to real penetration testing. Simulating complex corporate networks and advanced real-world attack scenarios within isolated lab environments, it is engineered to sharpen the skills of aspiring and professional penetration testers. Upon conquering our rigorous, fully practical examination, participants earn the distinguished Binsec Academy Certified Pentest Professional (BACPP) designation — proving their technical capability to methodically uncover and evaluate vulnerabilities in modern IT infrastructures.
Explore the Pentest Training Lab
binsec GmbH – Experts in Penetration Testing
As the operative pentesting core of the binsec group, binsec GmbH has provided high-end, human-led penetration testing since 2013. Rejecting automated scans, our permanently employed, certified senior pentest experts deliver manual deep-dive assessments of web applications, APIs, mobile apps, complex network infrastructures, cloud environments, and advanced red team simulations. Specializing in high-regulation sectors like Payment, Banking, and Healthcare, we provide clear risk evaluations and actionable reports to effectively assess your business-critical systems.
Get Manual Expert Penetration Testing Services