all InfoSec news
MY Methodology for Cross Site Scripting (XSS)
July 13, 2023, 11:34 a.m. | Krip
System Weakness - Medium systemweakness.com
Hey folks,
I am Krip. today i am sharing my methodology for cross site scripting (XSS). Let’s get started. First thing is don’t depend 100% on this.
Discovering subdomains
There are many tools for finding subdomains like amass, subfinder etc. Use your preferable tools. I prefer Subfinder.
Subfinder: https://github.com/projectdiscovery/subfinder
amass: https://github.com/owasp-amass/amass
Validating subdomains
There are many tools for validating subdomain. i prefer HTTP X. you can use another tools also
HTTP X: https://github.com/projectdiscovery/httpx
Discovering Parameters
For …
More from systemweakness.com / System Weakness - Medium
Limit Requests to EC2 Instances to Cloudflare Only IPs
2 days, 23 hours ago |
systemweakness.com
Canary Codes for Curious Minds
2 days, 23 hours ago |
systemweakness.com
Zero Trust Network Access
3 days, 21 hours ago |
systemweakness.com
Detecting Mobile Threats: Indicators of Compromise
3 days, 21 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Network Security Engineer
@ Meta | Menlo Park, CA | Remote, US
Security Engineer, Investigations - i3
@ Meta | Washington, DC
Threat Investigator- Security Analyst
@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
Security Operations Engineer II
@ Microsoft | Redmond, Washington, United States
Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas
@ Goldman Sachs | Dallas, Texas, United States