Hello guys so today i am going to teach you about cross site scripting attack






So Guys what is Cross Site Scripting:- 

In Easy Words Cross-site scripting is also known as (XSS) is a type of security vulnerability found in Web applications. XSS enables attackers to inject malicious script into Web pages.

Where We Can Inject Our Scripts :- For injecting our script we need inputs so here i am giving you some examples of inputs.

Search Box 
Sign Up Form
Login Form
Contact Us Page

So now i think you understand where we can inject our payloads and now i am giving you some best payloads which definitely works.just put any payload on this inputs and press enter if you got alert its mean there is a cross site scripting bug.

'<script>alert('xss message')</script>
"><script>alert('xss message')</script>
>/"><script>alert('xss message')</script>
"><script>alert(document.cookie)</script>
"><script>alert(document.cookie)</script>/><':
;<><script></script>/<script>alert('0')</script>

sometimes website have security like html entities which filter your payloads in special chars and words if website have security filters then you don't get any alert if you want to bypass it just drop you email on comment box i will send you my best ebook and private payloads which help you to bypass all type of filters.

Next Time I will Tell you how to find xss bug on 404 error page ..

Thanks for reading...if you like my post then please share it .

Post a Comment

 
Top