Skip to main content

XSSHunter for pentesting

XSS Hunter is a recently launched platform that makes pentesting for XSS vulnerabilities much easier to monitor and organize. Through it you can launch all kinds of XSS attacks, but where it really shines is when carrying out a Blind XSS attack.

A Blind XSS attack is a variation of the stored or persistent attacks and typically affects web applications that allows users to store data. It occurs when the attacker exploits a vulnerability which allows him to save his payload on the server's side (i.e in a database), subsequently served with the rest of the content of the affected page, this way affecting all those who visit the vulnerable web page. A booby-trapped comment posted in a public forum that when clicked triggers the exploit is a prime example.

full article on i-programmer

Comments

Popular posts from this blog

Ingres vs Postgres MVCC Explained With Neo4j's LLM Knowledge Graph Builder

 LLM Knowledge Graph Builder is an application designed to turn unstructured data such as pdfs, text documents, YouTube videos, and web pages, into a knowledge graph stored in Neo4j, promising much better accuracy than simple RAG (Retrieval-Augmented Generation). https://www.i-programmer.info/news/80-java/17967-ingres-vs-postgres-mvcc-explained-with-neo4js-llm-knowledge-graph-builder-.html

The Advent of SQL 2024 Has Commenced

  It's Advent - the time of year when we countdown the days to Christmas - and if your are a programmer complete daily coding challenges with the Advent of Code, the Advent of Perl, the Advent of Java, Javascriptmas, etc. Now we have the Advent of SQL too with 24 SQL challenges to complete before Christmas! https://www.i-programmer.info/news/204-challenges/17678-the-advent-of-sql-2024-has-commenced.html