Posts Tagged: xss

In this post we’ll have a look at the nodejs XSS attack/exploit in XVNA (eXtreme Vulnerable Node Application). Cross-site scripting is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA runs on port 80). As a web proxy, Burp or ZAP are highly recommended, but you can use anything else that allows you… Read Article →

This is a python script designed to automatically find XSS (cross-site scripting), directory traversal/LFI (local file inclusion) and open redirect vulnerabilities. It uses a predefined dictionary for XSS/LFI attacks that can easily be extended. The open redirect vulnerabilities are checked against malwrforensics.com The tool is released for testing purposes ONLY! How to use: Just point and… Read Article →

Scroll To Top