Latest News

Manual Web Application Penetration Testing – Finding XSS by Playing With Parameters

Introduction
In my previous article we saw the different ways of fuzzing, including suffix and prefix. We used those fuzzing techniques in order to find error messages in web applications. Now that we know how to fuzz, we will use that skill to find XSS, generally known as cross site scripting.

Testing For XSS
Without wasting any time, let’s go to the Document Viewer page under the A3 cross site scripting (XSS) module. Various methods of exploiting XSS are in there, but first we will choose a simple method which is HTTP attribute.

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code