3 Amazing techniques to find XSS (cross site scripting) vulnerability
Hello friends, I hope everyone is doing good . Today I will like to talk about some amazing ways to find XSS vulnerability . It is one of the most found and common vulnerability on web .
So lets get started
1.> Wayback machine + web applications functionality
This technique can be use to find old exploitable functionality of a web application . Lets see how this can be done using an example above.
ex.
suppose an web application have a function called notifications , so we will get that endpoint of notification functionality and search in wayback machine if it exists , then we will check whether those old functionality are still active or not . If those old functionality are still active and running then you can check if those endpoints are exploitable or not .
2.> SVG + XSS
SVG XSS is a very useful type of method to find XSS on domains
In this method you don't pop anything but you exploit the svg file's stored in the website .
For further reading on how to do this attack you can read -->
http://ghostlulz.com/xss-svg/
3.> Combining web scrapping tools and grepping useful information
There are various tools like meg , gau , waybackmachine and also by using wordlists
for example ,
first of all Give this guy a follow for useful tip and second thing we get to know that we can combine other tools also like meg+wayaback or gau+wayback and ther eare pretty more tools out there
it just you should be more creative and find out moreways to hack in the system :)
So time to take leave hope you guys got to know some new technqiues and comment if you know more so it can help other readers and me too . :)
If you want follow social links are below
for telegram link ping me on telegram and then only dm
bye!!
Comments
Post a Comment