
XSS Filter Evasion Cheat Sheet

Last revision (mm/dd/yy): 06/1/2016

This cheat sheet is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion. Please note that most of these cross-site scripting vectors have been tested in the browsers listed at the bottom of the scripts.

XSS Locator

Inject this string, and in most cases where a script is vulnerable with no special XSS vector requirements the word "XSS" will pop up. Use this URL encoding calculator to encode the entire string.

';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

XSS Locator (short)

No Filter Evasion

This is a normal XSS JavaScript injection, and most likely to get caught, but I suggest trying it first (the quotes are not required in any modern browser so they are omitted here):

Filter bypass based polyglot <!

Related: Computer Security, QA, Security

Interview With A Blackhat (Part 2)
[Please note that this series of posts discusses criminal activities from the perspective of the criminal. This may be distressing to some readers; please exercise caution.] This is part 2/3 of my interview with “Adam”, a blackhat who has decided to go legit.

What is the difference between Severity and Priority? Which one is used by a tester?
daisymani, Answered On: Oct 4th, 2005
Severity: This is assigned by the tester. Severity of a defect is set based on the issue's can be stated as mentioned

Cross-site Scripting (XSS)
This is an Attack. To view all attacks, please see the Attack Category page. Last revision (mm/dd/yy): 06/4/2016

Volume Shadow Copies
Approximately 1 year ago today, Tim Tomes and I did a presentation on Volume Shadow Copies (VSC) at Hack3rCon II. Hack3rCon^3 just wrapped up, and I’ve officially been shamed into finally publishing the details of the research. Many of the faithful PDC readers will know most of these details, as some of them were included as pieces of posts on other topics, but I will try to provide a little something new. The Volume Shadow Copy Service (VSS) maintains copies of every 16k block that is changed on an NTFS disk. Then at certain times it packages up all those 16k blocks and puts them into a Volume Shadow Copy (VSC).

A Guide to Recommender Systems We're running a special series on recommendation technologies and in this post we look at the different approaches - including a look at how Amazon and Google use recommendations. The Wikipedia entry defines "recommender systems" as "a specific type of information filtering (IF) technique that attempts to present information items (movies, music, books, news, images, web pages, etc.) that are likely of interest to the user." That entry goes on to note that recommendations are generally based on an "information item (the content-based approach) or the user's social environment (the collaborative filtering approach)." We think there's also a personalization approach, which Google in particular is focused on. We explore some of these concepts below.

Hijacking a Facebook Account with SMS
This post will demonstrate a simple bug which will lead to a full takeover of any Facebook account, with no user interaction. Enjoy. Facebook gives you the option of linking your mobile number with your account. This allows you to receive updates via SMS, and also means you can login using the number rather than your email address.

WebSockets – Varnish, Nginx, and Node.js
This post was published 2 years ago. Due to the rapidly evolving world of technology, some concepts may no longer be applicable. Like many others I have been drawn in by the appeal of websockets and their use in (near) real-time communication. As such one of my current projects uses Node.js and websockets (via

Maltego Part I - Intro and Personal Recon
By Chris Gates, CISSP, GCIH, C|EH, CPTS
According to their web site, “Paterva invents and sells unique data manipulation software. Paterva is headed by Roelof Temmingh who is leading a light and lethal team of talented software developers.” On May 6 2008, they released a new version of a very kewl tool named Maltego. “Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way.”

Sketch of The Analytical Engine
By L. F. MENABREA of Turin, Officer of the Military Engineers, from the Bibliothèque Universelle de Genève, October, 1842, No. 82

Related: Technical Funda's, Security, XSS