A somewhat curated list of links to various topics in application security.
Link | Excerpt | Word Count |
---|---|---|
Cross-site scripting | Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. | 3466 |
Cross Site Scripting Prevention | This cheat sheet helps developers prevent XSS vulnerabilities. Cross-Site Scripting (XSS) is a misnomer. Originally this term was derived from early versions of the attack that were primarily focused on stealing data cross-site. | 3882 |
HTML5 Security Cheatsheet: What your browser does when you look away... | HTML5 Security Cheatsheet: What your browser does when you look away... | 14 |
Using Javascript in CSS | Is it possible to use Javascript inside CSS? If it is, can you give a simple example? | 1236 |
http://www.vulnerability-lab.com/resources/documents/531.txt | | 0 |
Cross-site Scripting (XSS) | Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. | 2057 |
666 lines of XSS vectors, suitable for attacking an API | | 6040 |
A comprehensive tutorial on cross-site scripting | Excess XSS A comprehensive tutorial on cross-site scripting Created by Jakob Kallin and Irene Lobo Valbuena Part One: Overview What is XSS? Cross-site scripting (XSS) is a code injection attack that allows an attacker to execute malicious JavaScript in another user's browser. | 5289 |
Collection of Cross-Site Scripting (XSS) Payloads | Here is a compiled list of Cross-Site Scripting (XSS) payloads, 298 in total, from various sites. These payloads are great for fuzzing for both reflective and persistent XSS. | 2675 |
mandatoryprogrammer/xssless | An automated XSS payload generator written in python. This is an example XSS payload output (uncompressed) that parses CSRF tokens and uploads a binary all via XSS! | 9405 |
Cross Site Scripting without special chars | I'm testing a web application and I found an XSS vulnerability. I can break a tag and inject some code to the application but nothing potentially dangerous for the client. | 117 |
http://www.xss-payloads.com/ | | 0 |
http://wocares.com/xsstester.php | | 0 |
http://www.paulosyibelo.com/2014/07/bypassing-htmlentities.html | | 0 |
Preventing XSS Attacks in ASP.NET MVC using ValidateInput and AllowHTML | What is XSS? How can we prevent the same in MVC? | 535 |
ng-owasp: OWASP Top 10 for AngularJS Applications | | 2 |
Protect the trust you’ve worked so hard to build | In today’s world, business success depends on customer and employee trust. NetSPI is your ally in the battle for trust. We accelerate proactive security at scale so you can protect your priorities, perform better, and move faster. | 524 |
How I Stole Plunker Session Tokens with an Angular Expression | Recently I’ve been spending a lot of time looking into the vulnerabilities happening with some AngularJS implementations. The biggest problem being: mixing server side templates with client side templates. | 1568 |
Cross Site Scripting Payloads ≈ Packet Storm | | 3192 |
XSS without HTML: Client-Side Template Injection with AngularJS | Naive use of the extremely popular JavaScript framework AngularJS is exposing numerous websites to Angular Template Injection. | 2687 |
XSS without HTML: Client-Side Template Injection with AngularJS | | 0 |
foospidy/payloads | Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Requests extracted from either packet captures or log files of capture the flag (ctf) events. Mostly raw data so not all requests are actual payloads, however requests should be deduplicated. | 669 |
XSS Hunter Express | | 0 |
Unleashing an Ultimate XSS Polyglot | Unleashing an Ultimate XSS Polyglot jaVasCript:: A label in ECMAScript; a URI scheme otherwise. /*-/*`/*\`/*'/*"/**/: A multi-line comment in ECMAScript; a literal-breaker sequence. | 148 |
https://blog.innerht.ml/the-misunderstood-x-xss-protection/ | | 0 |
Respect XSS | Reported to Microsoft on secure@microsoft.com: 20th February 2017 Triaged and Case # Assigned email from secure@microsoft.com: 20th February 2017 and Case # was 37482 Case Reproduction Email Confirmation from secure@microsoft. | 5069 |
File Upload XSS | A file upload is a great opportunity to XSS an application. User restricted area with an uploaded profile picture is everywhere, providing more chances to find a developer’s mistake. If it happens to be a self XSS, just take a look at the previous post. | 394 |
Cross-Site Script Inclusion | Two key components account for finding vulnerabilities of a certain class: awareness of the vulnerability and ease of finding the vulnerability. Cross-Site Script Inclusion (XSSI) vulnerabilities are not mentioned in the de facto standard for public attention – the OWASP Top 10. | 2160 |
Uber Bug Bounty: Turning Self-XSS into Good-XSS | Now that the Uber bug bounty programme has launched publicly, I can publish some of my favourite submissions, which I’ve been itching to do over the past year. This is part one of maybe two or three posts. | 1351 |
Adapting AngularJS payloads to exploit real world applications | Every experienced pentester knows there is a lot more to XSS than - filtering, encoding, browser-quirks and WAFs all team up to keep things interesting. AngularJS Template Injection is no different. | 925 |
CORS Enabled XSS | Misconfigured CORS (Cross Origin Resource Sharing) headers can’t be abused to trigger javascript in a target website. But there’s an interesting and useful way to use it in an existing XSS scenario. One page websites, by their very nature, make heavy use of javascript. | 222 |
XSS and RCE | RCE (Remote Code Execution) is a critical vulnerability which usually is the final goal of an attack. With code execution, it’s possible to compromise servers, clients and entire networks. | 578 |
Calling Remote Script With Event Handlers | After a tester or attacker is able to pop an alert box, the next step is to call an external script to do whatever he/she wants to do with the victim. In scenarios where XSS is not possible with “<script src=//HOST>” or similar, we need to build the request to load our remote code. | 288 |
XSS Challenge I | Some weeks ago, a XSS challenge was launched: the goal was to pop an alert(1) box in latest Google Chrome at that time (version 53). Code was minified (made by just one continuous line) which always brings interesting possibilities to handle input injections. | 542 |
tunz/js-vuln-db | CVE Number Feature Keywords Credit CVE-2013-6632 TypedArray Integer Overflow, OOB Pinkie Pie CVE-2014-1705 TypedArray Invalid Array Length, OOB geohot CVE-2014-3176 Array.concat Side Effect, OOB lokihardt CVE-2014-7927 Optimization asm. | 1033 |
Stealing passwords from McDonald's users | By abusing an insecure cryptographic storage vulnerability and a reflected server cross-site-scripting vulnerability it is possible to steal and decrypt the password from a McDonald’s user. Besides that, other personal details like the user’s name, address & contact details can be stolen too. | 656 |
Bypass XSS blacklist "<", ">", "&" input nvarchar | I'm using some software that is blacklisting certain characters "<", ">", "&" for user submitted values. It isn't HTML encoding the values when displaying the submitted results (outputs all submitted results in a table). | 387 |
qazbnm456/awesome-web-security | Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of engineers' security skills, etc. | 4634 |
xss-polyglots | A polyglot is a payload that can be used in more than one context and still be treated as valid data. To learn more about polyglots check out this talk. The xss-polyglots package exports a function that returns an array of payloads. | 85 |
Angular Template Injection Payloads | 1.3.2 and below {{7*7}} 'a'.constructor.fromCharCode=[].join; 'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e'; {{ 'a'.constructor.prototype.charAt=[].join; $eval('x=""')+'' }} {{ 'a'.constructor.prototype.charAt=[].join; $eval('x=alert(1)')+'' }} {{constructor. | 396 |
Sniping Insecure Cookies with XSS | In this post I want to talk about improper implementation of session tokens and how one XSS vulnerability can result in full compromise of a web application. The following analysis is based on an existing real-life web application. | 2658 |
XSS Cheat Sheet | XSS Vectors Cheat Sheet onclick=alert(1)//<button ‘ onclick=alert(1)//> */ alert(1)// /*! SLEEP(1) /*/ onclick=alert(1)//<button value... | 0 |
XSSight – Automated XSS Scanner And Payload Injector | XSS is a very commonly exploited vulnerability type which is very widely spread and easily detectable. An attacker can inject untrusted snippets of JavaScript into your application without validation. This JavaScript is then executed by the victim who is visiting the target site. | 328 |
https://gbhackers.com/xsser-automated-framework-detectexploit-report-xss-vulnerabilities/ | | 0 |
Home | Home Masato Kinugawa edited this page · 1 revision | 7 |
Rails Quiz: XSS Edition | Cross-site scripting (XSS) is a type of computer security vulnerability that enables an attacker to inject code into a web page. When a user later visits that web page the code is executed in that user’s browser. | 613 |
s0md3v/XSStrike | XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler. | 320 |
Compromising CMSes with XSS | CMSes (Content Management Systems) are a perfect target for XSS attacks: with their module installation features and the possibility to know all the requests done by a legit administrator of the system previously, it’s pretty easy to mount a CSRF (Cross-Site Request Forgery) attack against him/her | 787 |
The 7 Main XSS Cases Everyone Should Know | When reading material on XSS subject we usually see the classical <script>alert(1)</script> as an demonstration of such vulnerability (PoC – Proof of Concept). | 727 |
The Real Impact of Cross-Site Scripting | Cross-site scripting (XSS) is probably the most prevalent high risk web application vulnerability nowadays, and yet it is still one of the most overlooked by developers and defenders alike. | 1588 |
XSStrike - Detect and exploit XSS vulnerabilites | We’ll attempt to show you how to build your own Pwn Phone running the Kali operating system and our AOPP (Android Open Pwn Project) i... | 29 |
How To: Write an XSS Cookie Stealer in JavaScript to Steal Passwords | JavaScript is one of the most common languages used on the web. It can automate and animate website components, manage website content, and carry out many other useful functions from within a webpage. | 1598 |
https://ysx.me.uk/taking-note-xss-to-rce-in-the-simplenote-electron-client/ | | 0 |
https://medium.com/@johnssimon_6607/7500-worth-dom-xss-in-facebook-mobile-site-144351f00b6c | | 0 |
Top 500 Most Important XSS Cheat Sheet for Web Application Pentesting | XSS is a very commonly exploited vulnerability type which is very widely spread and easily detectable. Here we are going to see about most important XSS Cheat Sheet. What is XSS(Cross Site Scripting)? An attacker can inject untrusted snippets of JavaScript into your application without validation. | 4909 |
ssl/ezXSS | ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. ezXSS is a tool that is designed to help find and exploit cross-site scripting (XSS) vulnerabilities. | 498 |
XSS Cheat Sheet | It’s a collection of the most useful vectors and payloads of Cross-Site Scripting (XSS), the most widespread and common flaw found in the World Wide Web. | 112 |
Stealing HttpOnly Cookie via XSS | It’s very rarely that i write about my findings , But i decided to share this which may help you while writing pocs. | 1470 |
DOM-based XSS – The 3 Sinks | The most common type of XSS (Cross-Site Scripting) is source-based. It means that injected JavaScript code comes from server side to execute in client side. | 1099 |
Chaining Self XSS with UI Redressing is Leading to Session Hijacking (PWN users like a boss) | But i had noticed that application was not using the x-frame header. so thought lets check for click jacking. ! and yeah ! application was vulnerable with click jacking. Here is the Click jacking which is chained with self xss which grabs victim’s cookies. | 287 |
Steal CSRF/Auth/Unique key Header with XSS | In fig: 1 You can see that there is a CSRF-token header presence in the website. Now we are going to steal it. Okay below is the code which steals the token header and send it to the attacker’s server. | 334 |
900$ XSS in yahoo ( Recon Wins ) | For those who expects special bypass or xss related stuff this is not about the xss i found which was easy hit, this is about the recon i did and the help i got from Knoxss to report this vulnerability to yahoo. | 634 |
https://medium.com/bugbountywriteup/file-upload-xss-patched-83ea55bb9a55?source=userActivityShare-90814179aa21-1527302452 | | 0 |
Blind XSS for beginners | What is Blind XSS? It is a type of stored XSS where attackers input is saved by server and is reflected in a totally different application used by system admin/team member. | 610 |
THE BIG BAD WOLF - XSS AND MAINTAINING ACCESS | ... And there we have it ladies and gents, while we may not have the cookie, we still can get an almost invisible access to an application we can query full read/write privileges as the user. | 953 |
https://medium.com/bugbountywriteup/how-i-found-a-xss-vulnerability-within-the-response-field-64a3b7d159ed?source=userActivityShare-90814179aa21-1528434838 | | 0 |
DEV XSS Protection bypass made my quickest bounty ever!! | So, this time I was able to bypass protection also able to manage some bounty with quick time. I have got some cool swag and little bounty to them before reporting this XSS to them :). I had found HTML injection on their public discussion. At that time I was able to inject malicious script with HTML. | 329 |
XSS using meta Tags | As a Pentester, i thought let’s try to find some vulnerabilities. I found many vulnerabilities (mentioned in the last of article). i reported them and they thanked me and also promised me to reward something and may he they hire me. It’s been 1–2 months i didn’t get reply back. | 215 |
How I found a stored XSS on thousands of webshops | I’d like to share with you the story of how I found a common misconfiguration in IBM’s Websphere Commerce, which can lead to a very interesting stored cross site scripting bug, affecting all users of some high-traffic sites. | 2151 |
https://medium.com/@D0rkerDevil/how-i-convert-ssrf-to-xss-in-a-ssrf-vulnerable-jira-e9f37ad5b158?source=userActivityShare-90814179aa21-1529090798 | | 0 |
Demonstrating Reflected versus DOM Based XSS | Update April 2021: Some changes to the heroku Juice Shop app have broken this demo. The script payload no longer works for Juice shop, however there are other XSS payloads that do work, such as payloads that use onerror attribute of img tag. | 1652 |
The story behined the Strong XSS filter bypass! | Yeasir Arafat again here to share the latest finds Sharing is Caring!! Today's topic is about to bypassing XSS filters on a Domain & hosting company who runs a public bug bounty program. | 365 |
Self-XSS + CSRF to Stored XSS | Hola, this is Renwa from Kurdistan i’m glad to write my first write-up about infosec and Bugbounties. | 294 |
What is XSS? Cross-site Scripting Explained | | 0 |
How I Found Stored XSS in Yahoo! | | 0 |
Reflected XSS via AngularJS Template Injection \| Hostinger | | 0 |
DOM XSS Intro | | 0 |
How to identify whether XSS is reflected or DOM based? | I understand the difference between reflected and Dom. Their execution is same but I do not understand if an XSS is triggered how to identify whether | 33 |
Reflected XSS on Stack Overflow | This is @newp_th. Today I want to share with you a Reflected XSS which I found in Stack Overflow. While i was testing some other domain and doing spider activity in burpsuite, I checked issues tab whether any issues were popped up. | 206 |
https://medium.com/@jonathanbouman/reflected-client-xss-amazon-com-7b0d3cec787?source=userActivityShare-90814179aa21-1530651945 | | 0 |
https://www.sagarvd.me/2018/07/google-xss-training.html | | 0 |
Into the Borg – SSRF inside Google production network | In March 2018, I reported an XSS in Google Caja, a tool to securely embed arbitrary html/javascript in a webpage. In May 2018, after the XSS was fixed, I realised that Google Sites was using an unpatched version of Google Caja, so I looked if it was vulnerable to the XSS. | 1518 |
Google Assistant Bug Worth $3133.7 ! | Hi hackers! Long time no see.. My college Prof. asked me to conduct some useful workshop for students. After a quick search, I figured out on the workshop as “Making apps using Google Assistant”. | 247 |
Cross Site Scripting ( XSS) | Cross Site Scripting (XSS) is a vulnerability that allows malicious users to insert client-side code into web pages that is then executed by a user's browser. This code can steal cookies, access private information, perform actions on the user's behalf, and redirect them to malicious websites. | 7582 |
Cross site scripting XSS | Cross-site scripting (XSS) is one of the most common web application attacks, where malicious scripts are injected into otherwise benign websites. There are three main types of XSS attacks - stored, reflected, and DOM-based. | 7613 |
XSS in hidden input fields | At PortSwigger, we regularly run pre-release builds of Burp Suite against an internal testbed of popular web applications to make sure it's behaving properly. Whilst doing this recently, Liam found a | 0 |
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20injection/Intruders/BRUTELOGIC-XSS-STRINGS.txt | | 0 |
Web Security Academy | In this section, we'll explain what cross-site scripting is, describe the different varieties of cross-site scripting vulnerabilities, and spell out how to find and prevent cross-site scripting. | 1760 |
https://link.medium.com/PuuLikMpvV | | 0 |
Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr — Part 1 | This series of blogposts show how you can identify DOM XSS issues using Sboxr on Single Page or JavaScript rich applications. As examples, we solved the 10 exercises at the DOM XSS playground at https://domgo.at and created simple Proof of Concept exploits for the detected issues. | 1307 |
Without-Parentheses.md | | 1100 |
XSSed my way to 1000$ | | 0 |
Open-redirect to Account Takeover. | Hi everyone this is my first writeup about my first bug and I want to share how I escalated open redirect to Account Takeover. Let’s go This was the URL which redirects to the given page after login but the issue was that if I pass https://google.com to next parameter it will redirect to google. | 381 |
hakluke/weaponised-XSS-payloads | XSS payloads designed to turn alert(1) into P1. In this repository you will find a bunch of JavaScript files which can be loaded into an XSS payload in order to perform sensitive functions on popular CMS platforms in the context of the victim's browser. | 295 |
Samet SAHIN | | 0 |
https://ardern.io/2019/06/20/payload-bxss/ | | 0 |
Cross Site Scripting (XSS) Payload Generator | This post will help you to evade some of those tricky cross site scripting restrictions with the help of a new tool I’ve pushed to our XSS Payloads repository. | 819 |
https://sylarsec.com/2019/08/06/making-xss-more-discoverable-with-knoxss/ | | 0 |
Show me thy XSS abilities, polyglot! | So its 0045 EAT and im up reading the OWASP Testing Guide V4. I have always used OWASP as my appsec bible, but i have never gone through this whole book. And boy how much wonder it packs. Anywayyyyyyyy, looking back, i discovered a duplicate vulnerability on an XYZ platform (on hackerone). | 405 |
B-XSSRF - Toolkit To Detect And Keep Track On Blind XSS, XXE And SSRF | Toolkit to detect and keep track on Blind XSS, XXE & SSRF. | 90 |
https://ryanwise.me/intigriti-xss-challenge/ | | 0 |
payloadbox/xss-payload-list | Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. | 25113 |
Web Security Academy | This cross-site scripting (XSS) cheat sheet contains many vectors that can help you bypass WAFs and filters. You can select vectors by the event, tag or browser and a proof of concept is included for every vector. You can download a PDF version of the XSS cheat sheet. | 1979 |
XSS in GMail’s AMP4Email via DOM Clobbering | This post is a write up of an already-fixed XSS in AMP4Email I reported via Google Vulnerability Reward Program in August 2019. The XSS is an example of a real-world exploitation of well-known browser issue called DOM Clobbering. | 1506 |
Testing for XSS (Like a KNOXSS) | Testing for Cross-Site Scripting (XSS) might seem easy at first sight, with several hacking tools automating this process. But regardless of how tests to find a XSS are performed, automated or manually, here we will see a step-by-step procedure to try to find most of the XSS cases out there. | 1360 |
Cross Site Scripting (XSS) | Author: KirstenS Contributor(s): Jim Manico, Jeff Williams, Dave Wichers, Adar Weidman, Roman, Alan Jex, Andrew Smith, Jeff Knutson, Imifos, Erez Yalon, kingthorin, Vikas Khanna. | 2369 |
Samesite by Default and What It Means for Bug Bounty Hunters | You have probably heard of the SameSite attribute addition to HTTP cookies since Chrome 51 (and a specification thereafter). It was advertised as a CSRF killer. This attribute is going to be set by default for all cookies in Chrome 80 (February 4, 2020). | 784 |
https://link.medium.com/ou6vRdq313 | | 0 |
$20000 Facebook DOM XSS | The window.postMessage() method safely enables cross-origin communication between Window objects; e.g., between a page and a pop-up that it spawned, or between a page and an iframe embedded within it. — Mozilla postMessage Documentation | 913 |
Documenting the impossible: Unexploitable XSS labs | Gareth Heyes Researcher @garethheyes Have you ever found some risky behavior, but couldn't quite prove it was exploitable? Our XSS cheat sheet contains virtually every exploit technique we know of, but what should you do if you can't find a technique for your scenario? Did we just forget to mention | 732 |
terjanq/Tiny-XSS-Payloads | A collection of short XSS payloads that can be used in different contexts. The DEMO available here: https://tinyxss.terjanq. | 340 |
imran-parray/Mind-Maps | This repository stores and houses various Mindmaps for bug bounty Hunters🧑🦰, pentesters🧑🦰 and offensive(🔴)/defensive(🔵) security Professionals🫂 provided by me as well as contributed by the community🧑🏻🤝🧑🏽. | 43 |
KathanP19/Gxss | A Light Weight Tool for checking reflecting Parameters in a URL. Inspired by kxss by @tomnomnom. | 387 |
Top 25 XSS Bug Bounty Reports | In this article, we will discuss Cross-Site Scripting (XSS) vulnerability, how to find one and present 25 disclosed reports based on this issue. | 192 |
theinfosecguy/QuickXSS | Bash Script to Automate XSS using Waybackurls, GF, GF Patterns and Dalfox. Install Go in your Machine and then install required Tools. | 295 |
Burp Suite For Pentester: HackBar | Isn’t it a bit time consuming and a boring task to insert a new payload manually every time for a specific vulnerability and check for its response? | 2021 |
vavkamil/awesome-bugbounty-tools | A curated list of various bug bounty tools. Recon: Subdomain Enumeration, Port Scanning, Screenshots, Technologies, Content Discovery, Links, Parameters, Fuzzing. Exploitation: Command Injection, CORS Misconfiguration, CRLF Injection, CSRF Injection, Directory Traversal, File Inclusion, GraphQL Injection, Header Inject | 4230 |
https://link.medium.com/Rix1UkYCidb | | 0 |
https://link.medium.com/6Kl8wtTDidb | | 0 |
RenwaX23/XSSTRON | Install Node.js and npm (https://www.npmjs.com/get-npm) or (sudo apt install npm) Download this repo files or (git clone https://github. | 222 |
lutfumertceylan/top25-parameter | For basic researches, top 25 vulnerable parameters based on frequency of use with reference to various articles. These parameters can be used for automation tools or manual recon. Although the prevalence percentages of these parameters cannot be proven precisely. | 160 |
https://link.medium.com/6t0ElelxRdb | | 0 |
The Ultimate Guide to Finding and Escalating XSS Bugs | What is XSS? Cross-Site Scripting (XSS) is the most common vulnerability discovered on web applications. It occurs when an attacker is able to execute client-side JavaScript in another user’s browser. XSS is a very interesting and dynamic bug class for a number of reasons. | 3464 |
https://link.medium.com/S9J8VIobnfb | | 0 |
mandatoryprogrammer/xsshunter-express | The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities. To set up XSS Hunter Express, modify the docker-compose.yaml file with your appropriate settings/passwords/etc. | 981 |
Training XSS Muscles | XSS is all about practice. It requires a lot of time to print in the mind all vectors, payloads and tricks at our disposal. There are lots of XSS cases, each one requiring a different approach and construct to pop the alert box. | 448 |
10 Types of Web Vulnerabilities that are Often Missed | Crowdsource hackers Hakluke and Farah Hawa share the top web vulnerabilities that are often missed during security testing. When hunting for bugs, especially on competitive bug bounty programs, it is always best to hunt in a way that invokes the least competition. | 3624 |
Web Security Academy | As you have injected a backslash and the site isn't escaping them, when the JSON response attempts to escape the opening double-quotes character, it adds a second backslash. The resulting double-backslash causes the escaping to be effectively canceled out. | 127 |
An unusual way to find XSS injection in one minute | Hi there! I think that many developers have heard that you can’t trust any user input, and indeed it is. However, there are some places that are often overlooked, which lead to vulnerabilities. And one of those places is ……. registration 🤔. | 386 |
Reflected XSS DVWA — An Exploit With Real World Consequences — StackZero | Reading tons of pages of Reflected XSS and how it works, could not be enough to understand deeply, so DVWA comes again to our aid. The best way to make the concept our own is, as usual, the practical one. | 187 |
Our favourite community contributions to the XSS cheat sheet | Since we launched the ever popular XSS cheat sheet, we've had some fantastic contributions from the XSS community. In this post, we thought we'd take the opportunity to highlight the seven best commun | 0 |
https://medium.com/bugbountywriteup/600k-bounty-jetty-features-response-queue-poisoning-bypass-ssrf-protections-xss-9b7644077829 | | 0 |
yeswehack/vulnerable-code-snippets | YesWeHack present code snippets containing several different vulnerabilities to practice your code analysis in a safe dockerized envoriment. The vulnerable code snippets are suitable for all skill levels. | 830 |
Exploit Notes | This site offers useful techniques & cheatsheets for hackers. If you find this site helpful, please consider supporting my ongoing efforts through a donation. | 42 |
XSS.Report | Welcome to XSS. | 91 |
👩💻IW Weekly #39 : $10,000 Bounty, Zero-click Account Takeover, Stored XSS, Open Redirection Vulnerability, SQL Injection, RCE, Reconnaissance Techniques, and much more… | Welcome to the #IWWeekly39 - the Monday newsletter that brings the best in Infosec straight to your inbox. IWCON2022 finally came to a glorious end ❤️ Thank you for joining us. | 657 |
https://heli9.com/reflected-xss/ | | 0 |
XSS Bypass for Rich Text Editors | As bug bounty hunters and pen-testers, it’s crucial to know how to bypass XSS filters such as TinyMCE. Rich text editors tend to allow HTML tags by design and use filters to prevent XSS. First, try all the built-in functions like bold, links, and embedded images. | 156 |
Get bounties with Blind XSS | | 0 |
The XSS hunter's secret weapon | Find, report and stay up-to-date on XSS vulnerabilities with BXSSHUNTER, the ultimate tool for professionals. Discover cross-site scripting (XSS) vulnerabilities using BXSSHUNTER. | 166 |
https://infosecwriteups.com/bypassing-character-limit-xss-using-spanned-payload-7301ffac226e | | 0 |
https://infosecwriteups.com/mastering-xss-a-comprehensive-guide-for-bug-bounty-hunters-fc4e2b4ad1f1 | | 0 |
devanshbatham/Vulnerabilities-Unmasked | This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand! Disclaimer: The analogies provided in this conversation are generated by a Language Model (LLM) using prompt engineering techniques. | 3112 |
NucleiFuzzer - Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications | NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. | 227 |
JS-Tap: Weaponizing JavaScript for Red Teams | How do you use malicious JavaScript to attack an application you know nothing about? Application penetration testers often create custom weaponized JavaScript payloads to demonstrate potential impact to clients. | 2726 |
A Bunch of Web and XSS Challenges | Due to being busy lately, I haven’t been participating in CTFs as much in the past two or three months. However, I still come across some interesting challenges on Twitter. | 1877 |
XSSRF : The Matrimony of XSS and SSRF. | Hey folks, Nauman Khan back in action! 🚀 Today, we’re diving into the depth of XSSRF — where Server-Side Request Forgery (SSRF) meets Cross-Site Scripting (XSS). Lets Learn How I was able to turn an Informative(P5) SSRF to an High(P2) Severity Vulnerability And Got $$$ for it. | 396 |
Mass Hunting Blind XSS Using XSSHunter Express Part 1 | The Blind Cross-Site Scripting is a pretty serious client-side vulnerability with serious consequences. This type of vulnerability enables attackers to insert harmful scripts capable of stealing sensitive data, taking over user sessions, defacing websites, or initiating more complex attacks. | 1233 |
Hunting Blind XSS on the Large Scale — Practical Techniques | In this article, I will reveal the techniques for detecting Blind Cross-Site Scripting at scale. We will dive into the Blind XSS payloads used to bypass WAF, open-source tools from GitHub, and methodology. | 2529 |
How I Found Multiple XSS Vulnerabilities Using Unknown Techniques | Hello, everyone. I hope you are well. Today I’m going to talk about Multiple XSS Attacks Using Different Techniques, which I discovered while working in various bug bounty programs. | 2720 |
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplace | This will help you in bug bounty because it’s advance bug bounty tips i have also a please visit there and watch video on advance subdomain recon and subdomain takeover and some poc video is also there. So let’s start | 113 |