Sign in Subscribe

webapp testing

Findings Series: Cross-Site Scripting (XSS)

Findings Series: Cross-Site Scripting (XSS)

Contents * Description * Classification * Examples * Remediation * References Description Cross-site scripting (XSS) is a code injection attack caused by improper input sanitization of user input in web applications. Attackers submit malicious input to a web application and run JavaScript functions that can dump cookies, hijack sessions, or even log keystrokes from a

SSH Socks Proxying and Burp

There's no question about it, PortSwigger's Burp Suite is the de-facto tool for testing web applications for security vulnerabilities. It's far from a "fire-and-f0rget" tool, which means that it take a lot of getting used to in order to make effective use