Navigation



Tag Archives | cross-site-scripting




XSSYA – Cross Site Scripting (XSS) Scanner Tool

Last updated: November 13, 2015 | 9,524 views

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2” which searches for the payload decoded in the […]

Share53
Tweet76
+120
Share18
167 Shares
Topic: Hacking Tools, Web Hacking

Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements

Last updated: September 9, 2015 | 15,514 views

We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier […]

Share1
Tweet21
+1
Share4
26 Shares
Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Jarlsberg – Learn Web Application Exploits and Defenses

Last updated: September 9, 2015 | 9,168 views

This codelab is built around Jarlsberg /yärlz’·bərg/, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Share1
Tweet
+1
Share
1 Shares
Topic: Countermeasures, Exploits/Vulnerabilities, Web Hacking

PayPal Patches Critical Security Vulnerabilities

Last updated: September 9, 2015 | 15,500 views

PayPal in the news again for a series of fairly high-profile vulnerabilities discovered by the same guy that found the XSS bugs in Google Calendar and Twitter (Nir Goldshlager). I’m glad people are looking at PayPal as I’m sure the volume of monetary transactions that pass through their site on a daily basis is huge. […]

Share1
Tweet
+1
Share
1 Shares
Topic: Exploits/Vulnerabilities, Privacy, Web Hacking

x5s – Automated XSS Security Testing Assistant

Last updated: September 9, 2015 | 7,635 views

x5s is a Fiddler add-on which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by: Detecting where safe encodings were not applied to emitted user-inputs Detecting where Unicode character transformations might bypass security filters Detecting where non-shortest UTF-8 encodings […]

Share
Tweet
+1
Share
Topic: Hacking Tools, Web Hacking

Popular Tags

computer-security · darknet · ddos · dos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·