This post is by a banned member (kjman) - Unhide
18 April, 2023 - 02:20 PM
Reply
(20 December, 2022 - 02:00 AM)de4dot Wrote: Show More[font][font]你好![/font][/font]
[font][font]今天我将向您展示如何使用自动化工具和 Kali Linux 检测某些站点中的 XSS 漏洞。 [/font][/font]
[font][font]我们将考虑以下几点:[/font][/font]
[font][font][1] XSS - 新手入门[/font][/font]
[font][font][2] 用于扫描的自动化 XSS 工具[/font][/font]
[font][font][3] 测试......[/font][/font]
[font][font]简介[/font][/font]
[font][font]> 跨站点脚本 (XSS) 是一种客户端代码注入攻击。[/font][font]攻击者旨在通过在合法网页或 Web 应用程序中包含恶意代码,在受害者的 Web 浏览器中执行恶意脚本。[/font][font]当受害者访问执行恶意代码的网页或 Web 应用程序时,就会发生实际的攻击。[/font][font]网页或 Web 应用程序成为将恶意脚本传送到用户浏览器的工具。[/font][font]常用于跨站点脚本攻击的易受攻击的工具是论坛、留言板和允许评论的网页。[/font][font]如果网页或 Web 应用程序在其生成的输出中使用未经过滤的用户输入,则它容易受到 XSS 攻击。[/font][font]然后,受害者的浏览器必须解析此用户输入。[/font][font]XSS 攻击可能在 VBScript、ActiveX、Flash 甚至 CSS 中发生。[/font][font]然而,[/font][/font]
[font][font]zsc sssssssssssssssss[/font][/font]
This post is by a banned member (WillythePoo) - Unhide
25 April, 2023 - 07:06 PM
Reply
This post is by a banned member (Usme21023) - Unhide
09 May, 2023 - 12:26 AM
Reply
This post is by a banned member (IzaUsername2) - Unhide
30 July, 2023 - 02:36 AM
Reply
(20 December, 2022 - 02:00 AM)de4dot Wrote: Show MoreHello!
Today I will show u how to detect XSS vulnerability in some site with automated tool and Kali Linux.
We will consider the following points:
[1] XSS - Introduction for newbies
[2] Automated XSS tools for scanning
[3] Testing...
Introduction
> Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code. The web page or web application becomes a vehicle to deliver the malicious script to the user’s browser. Vulnerable vehicles that are commonly used for Cross-site Scripting attacks are forums, message boards, and web pages that allow comments. A web page or web application is vulnerable to XSS if it uses unsanitized user input in the output that it generates. This user input must then be parsed by the victim’s browser. XSS attacks are possible in VBScript, ActiveX, Flash, and even CSS. However, they are most common in JavaScript, primarily because JavaScript is fundamental to most browsing experiences.
Thanks
This post is by a banned member (youssefGis) - Unhide
16 August, 2023 - 03:33 AM
Reply
This post is by a banned member (kingnaw26) - Unhide
24 October, 2023 - 09:44 PM
Reply
This post is by a banned member (asthmatick1d) - Unhide
26 November, 2023 - 08:52 PM
Reply
This post is by a banned member (Naho666) - Unhide
06 April, 2024 - 03:44 PM
Reply