0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restructure repository: Remove OWASP categorization, organize by vulnerability type

Browse Source 
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-04 19:01:04 +00:00
parent 274734e91a
commit ba72efbc5e
46 changed files with 341 additions and 323 deletions
Download Patch File Download Diff File Expand all files Collapse all files
XSS/README.md
+22
View File
@@ -0,0 +1,22 @@
# Cross-Site Scripting (XSS)
## Description
Cross-Site Scripting (XSS) attacks are a type of injection in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
## Types of XSS
- **Reflected XSS**: Script is reflected off the web server
- **Stored XSS**: Script is permanently stored on the target server
- **DOM-based XSS**: Vulnerability exists in client-side code
## Common Attack Vectors
- Input fields
- URL parameters
- HTTP headers
- File uploads
- Comment sections
## Testing Approach
Submit JavaScript code in various input points and observe if the code gets executed in the browser.
## Payloads
See `xss-payloads.txt` for a comprehensive list of XSS payloads.