The XSS Rat - Proud XSS N00b :-)

I have built: - A security testing repo: github.com/The-XSS-Rat/Se… - An API hacking tool: github.com/The-XSS-Rat/ha… - A blog: blog.hackxpert.com (Yeah I know cert expired, will look into that today) - 150 exploits + 6 lifelike labs: labs.hackxpert.com - A student base of over 180 000 big: udemy.com/user/wesley-th… - A wealth of courses: thexssrat.com - A youtube channel with over 1200 video's: youtube.com/c/thexssrat - A medium with over 7300 followers: thexssrat.medium.com - An incredible fanbase of over 50 000 rats on youtube + 150 000 here - A discord server with over 10 000 members + one for CAPIE + CNWPP + Hacker's toolkit - A list of 10 students i got to directly reporting bugs: thexssrat.podia.com/achievements - A song: youtube.com/watch?v=S3bP3j… (No AI) - A family of my own - Reports on some of the giants of this earth - A pentesting company And still i get constantly attacked for not knowing anything - just copy pasting shit and not being good enough :-) hahaha you are so funny - THEN GO DO BETTER <3 Much love rat pack!! Thank you for the support!

Learning from a practitioner with a specific profile—Wesley Thijs (The XSS Rat)—is essentially like skipping the "tutorial" level of a video game and going straight to the final boss's strategy guide. thexssrat.podia.com/coaching-sessi… If you follow a bundle from an OpenAI "Top 12" researcher who earns thousands in bounties, you are learning how to think like a high-earner. * They teach you how to pick targets (ROI). thexssrat.podia.com/achievements

Most entry-level certificates (like CompTIA Security+) teach you what a firewall is. Higher-level ones (like OSCP) teach you how to exploit known vulnerabilities. thexssrat.podia.com/912-uncle-rat-… Learning from a practitioner who manages their own firm and has successfully secured high-stakes, multi-million-dollar financial platforms gives you a specific set of advantages that academic or "entry-level" corporate certifications simply cannot match.

📬 Challenge Spotlight: Postmark The mail server confirms which users exist — and some have terrible passwords. Enumerate, guess, get the shell. Real-world SMTP exploitation on a live machine. Try it: ratctf.thexssrat.com #RatLabs #CTF #SMTP #Pentesting #HackingChallenges

In bug bounty hunting, where 95% of beginners quit within the first six months without ever seeing a payout, a mentor isn't just a "bonus"—they are the difference between a lucrative career and a frustrating hobby. thexssrat.podia.com/big-beautiful-… Following a structured, mentor-led path typically results in a 30% to 50% reduction in the time it takes to find your first valid vulnerability. A mentor doesn't just give you "secrets"; they prevent you from wasting hundreds of hours on low-value activities.

Junior rats - Do you want a job in cybersecurity? Having a certification in cybersecurity is less of a "bonus" and more of a "entry ticket" in 2026. While no single piece of paper guarantees a job, the data shows it drastically changes the math of your job hunt. Prepare ideally for CWAP: thexssrat.podia.com/901-beginner-w… Grab our free cert: thexssrat.podia.com/capie-lesson-m… All of my certificates? - 3 for you! thexssrat.podia.com/903-the-pentes…

Did you know most hunters and hackers fail at step 1? That is target selection. I see you all hammering away at anything and everything, but what makes a good target? thexssrat.podia.com/full-house-bun… - B2B , RBAC, main app, payout 0 min - 2500 max, active in terms of accepting/denying bugs There are a few more properties of a good target for me, at least those are MY criteria which is exactly what I talk about in my teachings and lessons. This is in my live lessons, courses and even certification exams! EVEN FUTURE ONES! This bundle is the best cybersecurity has to offer!

@thinkverse is currently taking the lead by far on our leaderboards! Are you going to catch up to him? ratctf.thexssrat.com/users/thinkver…

While my 900 endless bundle is sold out for today - you can still grab my other bundles on offer or wait for a re-stock: - 906 Certified Web App Pentester Bundle: thexssrat.podia.com/901-beginner-w… - 907 Bug Bounty Bundle: thexssrat.podia.com/big-beautiful-… - 910 3x Certification Bundle: thexssrat.podia.com/903-the-pentes… - 912 Uncle Rat's Pentesting Paradise: thexssrat.podia.com/912-uncle-rat-…

Bug Bounty / Web Application Security Hunting Checklist - 2026 version - friend link @thexssrat/bug-bounty-web-application-security-hunting-checklist-2026-xss-rat-version-1886138a8200?sk=1d0e00aa0bad5856b3c7bddec6690b36" target="_blank" rel="nofollow noopener">medium.com/@thexssrat/bug…

Do you know why I developed CAPIE? certs.thexssrat.com/store/CAPIE In the API hacking industry - there are few certifications, I developed this beginner level certifications so that anyone can get the chance to certify themselves in testing against the OWASP API top 10 - 2019 and 2023 versions Do you want a free cert? Try my Junior API Hacking cert: thexssrat.podia.com/capie-lesson-m… Want to go even beyond all of this? - Add CNWPP - Networks and website pentesting pro thexssrat.podia.com/cnwpp-exam-vou… - Add CWAP - Our website cert thexssrat.podia.com/901-beginner-w…

🐀 RatLabs is live! 21 hands-on hacking challenges — from enumeration to advanced exploitation. XSS, SUID, TFTP, prompt injection & more. Register free, own the boxes, climb the leaderboard 👇 🔗 ratctf.thexssrat.com #CTF #HackingChallenges #CyberSecurity #BugBounty #PenTest #TheXSSRat

I reached number 12 on the openAI leaderboard. Of course I won't forget about you bug bounty hunters - being able to submit a bug is one thing, getting paid for it is another. You know what is even harder? Teaching others how to report! thexssrat.podia.com/achievements I have a portfolio of more then 15 people I coached directly to report bugs thexssrat.podia.com/big-beautiful-… Imagine what I can do if you give me some money and time through my bundle. Yeahhh that version of yourself looks a lot different then now right? They told me that I can not teach bug bounty to others - I laugh in their face, just ask my students!

Do you know why i developed CWAP? thexssrat.podia.com/901-beginner-w… Because in my humble opinion, the industry was missing an entry level web app hacking certificate. This worth opponent will challenge you in more ways than just pentesting so be prepared with our preparation courses before you throw yourself into my rat claws and prove to the world you are not a pussy cat!

CyberSecurity certifications - there are a LOT out there and a lot of service providers, that is why i try to be different. thexssrat.podia.com/903-the-pentes… I do not proctor your exams, I am your customer - I will make your life miserable during your exam in planned scenario's that are designed to test your cool and patience. How do you stack up agains our CAPIE exam? API hacking at it's best! How about CNWPP? Pentesting on networks and website level Of course CWAP can not be missing - your web app certificate I don't sell pieces of paper, I sell your chances of a job increasing drastically.

This bundle is not made for those who do not like adventure This bundle is not made for those who do not like to win This bundle is not made for those who do not like to get bugs FASTER than other rats This bundle is NOT made for those who don't want to pentest. thexssrat.podia.com/full-house-bun… - All my courses will help you in getting the required knowledge - All my labs will help you practice what you know - All my live lessons will clear up your doubts - All my certifications will complete your repetoire and resume - My dedicated discord server is where we celebrate the wins - My RatCTF platform is where you learn how to pentest

🚨 New Lab Live on RatLabs: RootbaseTarget IP: 139.144.165.14 Scenario: An unsecured root DB password has left the gates wide open. Can you find the plaintext secrets and escalate your way to the top? ✅ Part of The XSS Rat’s structured security training. ✅ Real-world pivot & privilege escalation techniques. ✅ Leaderboard points up for grabs! Join the hunt: ratctf.thexssrat.com/challenges/mys…

3 cybersecurity certificates for 33 euro's. It is not too good to be true, it is called The XSS Rat - I am only doing this because i want to get my name out. Want to join my 3 cert packages + all the lesson material? thexssrat.podia.com/903-the-pentes… invest in your future, make sure you are ready for when AI comes knocking for your job!

ONLY TODAY - JOIN MY ENDLESS COMMUNITY FOR JUST 20$ thexssrat.podia.com/full-house-bun…

We keep on growing 🫣 Ratctf.thexssrat.com

@Ganofins @Hacker0x01 Congrats 🙌

In April, I submitted 34 vulnerabilities to 6 programs on @Hacker0x01. #TogetherWeHitHarder hackerone.com/last-month