Cross Site Scripting – So what? | Web App Pentesting

Web App Pentesting

Just another WordPress.com site

Skip to content

Home
About

← Advaned SQL Injection Presentation

WAVSEP – Web Application Vulnerability Scanner Evaluation Project →

Cross Site Scripting – So what?

Posted on September 12, 2011 by Joseph McCray Jr.

Ok – so I decided to put in a few things about Cross Site Scripting. I wanted to give you enough information to be able to both understand XSS, and more importantly do it against a modern application protected by a Web Application Firewall (WAF).

Let’s start with the absolute basics of XSS:

Ok – that’s the basics of XSS. Now let’s move on to some more technical info about it:

Share this:

Twitter
Facebook
LinkedIn
Reddit
Google +1

Like this:

Like Loading...

About Joseph McCray Jr.

Things I love - My family (of course), Hacking, Basketball, Martial Arts....I'm a work-a-holic - deal with it.

View all posts by Joseph McCray Jr. →

This entry was posted in Cross Site Scripting and tagged dom-based xss, filter evasion, reflected xss, stored xss. Bookmark the permalink.

← Advaned SQL Injection Presentation

WAVSEP – Web Application Vulnerability Scanner Evaluation Project →

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Notify me of follow-up comments via email.

Search for:
Recent Posts
Recent Comments
Archives
Categories
Meta

Web App Pentesting

Theme: Customized Twenty Ten Blog at WordPress.com.

Follow

Follow “Web App Pentesting”

Get every new post delivered to your Inbox.

Join 74 other followers

Powered by WordPress.com

%d bloggers like this: