Posts
XSS Hunter is a recently launched platform that makes pentesting for
XSS vulnerabilities much easier to monitor and organize. Through it you
can launch all kinds of XSS attacks, but where it really shines is when
carrying out a Blind XSS attack.
A Blind XSS attack is a variation of the stored or persistent attacks and typically affects web applications that allows users to store data. It occurs when the attacker exploits a vulnerability which allows him to save his payload on the server's side (i.e in a database), subsequently served with the rest of the content of the affected page, this way affecting all those who visit the vulnerable web page. A booby-trapped comment posted in a public forum that when clicked triggers the exploit is a prime example.
full article on i-programmer
A Blind XSS attack is a variation of the stored or persistent attacks and typically affects web applications that allows users to store data. It occurs when the attacker exploits a vulnerability which allows him to save his payload on the server's side (i.e in a database), subsequently served with the rest of the content of the affected page, this way affecting all those who visit the vulnerable web page. A booby-trapped comment posted in a public forum that when clicked triggers the exploit is a prime example.
full article on i-programmer
Comments