Skip to main content

XSSHunter for pentesting

XSS Hunter is a recently launched platform that makes pentesting for XSS vulnerabilities much easier to monitor and organize. Through it you can launch all kinds of XSS attacks, but where it really shines is when carrying out a Blind XSS attack.

A Blind XSS attack is a variation of the stored or persistent attacks and typically affects web applications that allows users to store data. It occurs when the attacker exploits a vulnerability which allows him to save his payload on the server's side (i.e in a database), subsequently served with the rest of the content of the affected page, this way affecting all those who visit the vulnerable web page. A booby-trapped comment posted in a public forum that when clicked triggers the exploit is a prime example.

full article on i-programmer

Comments

Popular posts from this blog

Spatial Data Management For GIS and Data Scientists

  Videos of the lectures taught in Fall 2023 at the University of Tennessee are now available as a YouTube playlist. They provide a complete overview of the concepts of GeoSpatial science using Google Earth Engine, PostgresSQL GIS , DuckDB, Python and SQL. https://www.i-programmer.info/news/145-mapping-a-gis/16772-spatial-data-management-for-gis-and-data-scientists.html