all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MY Methodology for Cross Site Scripting (XSS)

Add to bookmarks
July 13, 2023, 11:34 a.m. | Krip

System Weakness - Medium systemweakness.com

Hey folks,

I am Krip. today i am sharing my methodology for cross site scripting (XSS). Let’s get started. First thing is don’t depend 100% on this.

Discovering subdomains

There are many tools for finding subdomains like amass, subfinder etc. Use your preferable tools. I prefer Subfinder.

Subfinder: https://github.com/projectdiscovery/subfinder

amass: https://github.com/owasp-amass/amass

Validating subdomains

There are many tools for validating subdomain. i prefer HTTP X. you can use another tools also

HTTP X: https://github.com/projectdiscovery/httpx

Discovering Parameters

For …

bug bounty bug-bounty-tips xss-attack

Visit resource

More from systemweakness.com / System Weakness - Medium

The Future of Programming: A Look at Emerging Languages Shaping Software Development 2 days, 3 hours ago | systemweakness.com
address article changing development +14
Cyber Detectives Unite: Advanced Tools for Web Security 2 days, 3 hours ago | systemweakness.com
bug bounty computer science cybersecurity ethical hacking +1
Mittre Att&ck‘s User Manual 2 days, 23 hours ago | systemweakness.com
adversary amp att attacks +22
Unveiling the Hidden: A Guide to Passive Subdomain Enumeration 2 days, 23 hours ago | systemweakness.com
bug bounty hacking security technology +1
Limit Requests to EC2 Instances to Cloudflare Only IPs 2 days, 23 hours ago | systemweakness.com
aws aws lambda cloudflare security +1
Canary Codes for Curious Minds 2 days, 23 hours ago | systemweakness.com
canary tokens hacking ip address location +1
Zero Trust Network Access 3 days, 21 hours ago | systemweakness.com
least privilege microsegmentation network security virtual private network +1
Ransomware-as-a-Service: Democratizing Digital Destruction and How to Fortify Your Defenses 3 days, 21 hours ago | systemweakness.com
as-a-service attacks businesses critical +24
Detecting Mobile Threats: Indicators of Compromise 3 days, 21 hours ago | systemweakness.com
business compromise continue cybersecurity +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs