Navigation



Tag Archives | cross-site-scripting




XSSYA – Cross Site Scripting (XSS) Scanner Tool

Last updated: November 13, 2015 | 8,707 views

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2” which searches for the payload decoded in the […]

Share53
+120
Share18
Shares 167
Topic: Hacking Tools, Web Hacking

Acunetix WVS (Web Vulnerability Scanner) 7 Review – Engine & Scanning Improvements

Last updated: September 9, 2015 | 15,433 views

We wrote our first review of Acunetix WVS 6 back in January 2009 and published an update about the release of Acunetix Web Vulnerability Scanner (WVS) 6.5 in June 2009. The team over at Acunetix have been working hard on version 7 for quite some time and released a new build with added features earlier […]

Share1
+1
Share4
Shares 26
Topic: Advertorial, Database Hacking, Exploits/Vulnerabilities, Hacking Tools, Networking Hacking, Web Hacking

Jarlsberg – Learn Web Application Exploits and Defenses

Last updated: September 9, 2015 | 8,728 views

This codelab is built around Jarlsberg /yärlz’·bərg/, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. “Unfortunately,” Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is […]

Share1
+1
Share
Shares 1
Topic: Countermeasures, Exploits/Vulnerabilities, Web Hacking

PayPal Patches Critical Security Vulnerabilities

Last updated: September 9, 2015 | 15,492 views

PayPal in the news again for a series of fairly high-profile vulnerabilities discovered by the same guy that found the XSS bugs in Google Calendar and Twitter (Nir Goldshlager). I’m glad people are looking at PayPal as I’m sure the volume of monetary transactions that pass through their site on a daily basis is huge. […]

Share1
+1
Share
Shares 1
Topic: Exploits/Vulnerabilities, Privacy, Web Hacking

x5s – Automated XSS Security Testing Assistant

Last updated: September 9, 2015 | 7,603 views

x5s is a Fiddler add-on which aims to assist penetration testers in finding cross-site scripting vulnerabilities. It’s main goal is to help you identify the hotspots where XSS might occur by: Detecting where safe encodings were not applied to emitted user-inputs Detecting where Unicode character transformations might bypass security filters Detecting where non-shortest UTF-8 encodings […]

Share
+1
Share
Shares 0
Topic: Hacking Tools, Web Hacking

Popular Tags

computer-security · darknet · Database Hacking · ddos · exploits · fuzzing · google · hacking-networks · hacking-websites · hacking-windows · hacking tool · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · pen-testing · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · windows · windows-security · Windows Hacking · worms · XSS ·