all InfoSec news
Scraping Login Credentials With XSS
TrustedSec www.trustedsec.com
Unauthenticated JavaScript Fun In prior blog posts I’ve shown the types of weaponized XSS attacks one can perform against authenticated users, using their session to access and exfiltrate data, or perform actions in the application as that user. But what if you only have unauthenticated XSS? Perhaps your client hasn’t provided you with credentials to...
The post Scraping Login Credentials With XSS appeared first on TrustedSec.
application security assessment credentials login login credentials penetration testing red team adversarial attack simulation remediation assistance & training scraping security testing & analysis xss