Navigation



Tag Archives | cross-site-scripting




XSSYA v2.0 Released – XSS Vulnerability Confirmation Tool

Last updated: June 26, 2017 | 2,764 views

We first published about XSSYA back in 2014, and it seemed to be pretty popular, there’s not a whole lot of tools in the XSS (Cross Site Scripting) space. For those who are unfamiliar, XSSYA used to be Cross Site Scripting aka XSS Vulnerability Scanner & Confirmation tool – the scanning portion has been removed […]

Share44
Tweet649
Share28
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
721 Shares
Topic: Hacking Tools, Web Hacking

XSSYA – Cross Site Scripting (XSS) Scanner Tool

Last updated: November 13, 2015 | 9,753 views

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2” which searches for the payload decoded in the […]

Share53
Tweet76
Share18
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
147 Shares
Topic: Hacking Tools, Web Hacking

Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements

Last updated: September 9, 2015 | 15,563 views

We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier […]

Share1
Tweet21
Share4
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
26 Shares
Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Jarlsberg – Learn Web Application Exploits and Defenses

Last updated: September 9, 2015 | 9,714 views

This codelab is built around Jarlsberg /yärlz’·bərg/, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Share1
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
1 Shares
Topic: Countermeasures, Exploits/Vulnerabilities, Web Hacking

PayPal Patches Critical Security Vulnerabilities

Last updated: September 9, 2015 | 15,510 views

PayPal in the news again for a series of fairly high-profile vulnerabilities discovered by the same guy that found the XSS bugs in Google Calendar and Twitter (Nir Goldshlager). I’m glad people are looking at PayPal as I’m sure the volume of monetary transactions that pass through their site on a daily basis is huge. […]

Share1
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
1 Shares
Topic: Exploits/Vulnerabilities, Privacy, Web Hacking

x5s – Automated XSS Security Testing Assistant

Last updated: September 9, 2015 | 7,654 views

x5s is a Fiddler add-on which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by: Detecting where safe encodings were not applied to emitted user-inputs Detecting where Unicode character transformations might bypass security filters Detecting where non-shortest UTF-8 encodings […]

Share
Tweet
Share
Share
Buffer
WhatsApp
Reddit
Flip
Vote
Email
0 Shares
Topic: Hacking Tools, Web Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·