
How to test your application for XSS vulnerabilities using XSSer

When testing an application for XSS vulnerabilities, it can sometimes be hard to come up with a successful attack and to test multiple alternatives. You can use an app like XSSer to automate this; in this quick tips episode, you will learn how. Above is the vid and below you will find some useful notes.
  1. Pre-reqs

    • Have node.js installed for the sample app
    • Have Docker installed
  2. Using XSSer

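    • Create the Dockerfile with XSSer
      # Base image whose package repositories provide xsser
      FROM kalilinux/kali-rolling
      
      WORKDIR /workdir
      
      # Install xsser with apt
      RUN apt-get update && \
          apt-get install -y xsser
      
      # Arguments given to `docker run` are passed straight to xsser
      ENTRYPOINT ["xsser"]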
      
    • Build the image
      docker build -t xsser .
      
    • Run xsser to check options
      docker run -it --rm --name xsser xsser
      
    • Run xsser to test against the vulnerable app from the video
      docker run -it --rm --name xsser xsser -u "http://192.168.99.1:3000/?name=XSS"
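
As an added example (not code from the original post or the video): a constructed Node.js stand-in for the sample app targeted by the command above, with the `name` parameter reflected raw next to the same page with the value HTML-encoded. Only port 3000 and the `name` parameter come from the URL above; the function names, the greeting markup and the `vulnerable`/`hardened` argument are assumptions.

```javascript
// Constructed stand-in for the sample app; the app from the video is not shown on this page.

// Characters that are significant in HTML text and quoted attribute values.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the query parameter is concatenated into the page as markup.
function renderVulnerable(name) {
  return `<!doctype html><html><body><h1>Hello ${name}</h1></body></html>`;
}

// Hardened: same page, with the parameter encoded for an HTML text context.
function renderHardened(name) {
  return `<!doctype html><html><body><h1>Hello ${escapeHtml(name)}</h1></body></html>`;
}

// Read ?name= from the request URL; a missing parameter falls back to "world".
function nameFromUrl(requestUrl) {
  const url = new URL(requestUrl, 'http://localhost');
  return url.searchParams.get('name') ?? 'world';
}

// Build a request handler around one of the two render functions.
function handler(render) {
  return (req, res) => {
    res.writeHead(200, {
      'Content-Type': 'text/html; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
    });
    res.end(render(nameFromUrl(req.url)));
  };
}

// `node app.js vulnerable` or `node app.js hardened` listens on port 3000.
const mode = process.argv[2];
if (mode === 'vulnerable' || mode === 'hardened') {
  import('node:http').then(({ createServer }) => {
    const render = mode === 'hardened' ? renderHardened : renderVulnerable;
    createServer(handler(render)).listen(3000, () => console.log(`${mode} app on :3000`));
  });
}
```

Re-running the same xsser command against the `hardened` mode is a quick regression check that the encoding fix holds.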
      