-
Recent Posts
Recent Comments
Archives
Categories
- Access Control Flaws
- Authentication Flaws
- Backdoors
- Blind SQL Injection
- Bypass Client Side Validation
- Cache Poisoning
- Client Side Filtering Attacks
- Client-Side Attacks
- Cross Site Request Forgery
- Cross Site Scripting
- Cross Site Tracing Attacks
- Cryptographic Attacks
- Data Layer Access Control
- Denial of Service
- DOM Based XSS
- Encoding
- Fail Open Authentication
- File Handling Vulnerabilities
- Hidden Fields
- HTTP Splitting
- Improper Error Handling
- Injection Flaws
- Insecure Client Storage
- Insecure Login
- JSON Injection
- Log Spoofing
- Multi-Level Logon
- Numeric SQL Injection
- Password Recovery Attack
- Reflected XSS
- Remote Admin Attacks
- Same Origin Policy Protection
- Session Hijacking
- Silent Transactions Attack
- SOAP Request
- Spoofing Cookies
- SQL Injection
- Stored XSS
- String SQL Injection
- Thread Safety Problems
- Uncategorized
- Weak Authentication
- WSDL Scanning
- XML Injection
- XPATH Injection
Meta
Tag Archives: dom-based xss
WebGoat Week 2
This is the second in a series of ten posts for the OWSAP WebGoat vulnerable web application. New posts for WebGoat will post every Monday. LAB: Role Based Access Control Scheme Bypass Business Layer Access Control For this lab you … Continue reading
Cross Site Scripting – So what?
Ok – so I decided to put in a few things about Cross Site Scripting. I wanted to give you enough information to be able to both understand XSS, and more importantly do it against a modern application protected by … Continue reading
Posted in Cross Site Scripting
Tagged dom-based xss, filter evasion, reflected xss, stored xss
Leave a comment
