Mohamed Hegazi · h0kaz.hashnode.dev · Apr 18, 2024
TryHackMe: XSS Room
Room URL: TryHackMe | XSS Explore in-depth the different types of XSS and their root causes. Task 1: Introduction Cross-site scripting (XSS) remains one of the common vulnerabilities that threaten web applications to this day. XSS attacks rely on inj...
Tag: tryhackme
Godson · 0xgodson.hashnode.dev · Mar 16, 2024
My Old Blogs
Here are the old blogs I wrote some time ago. I will publish them here one by one when I find some time, but for now, as always, you can access those blogs from the following URL: https://github.com/0xGodson/blogs/tree/master/_posts
Tag: hacking
Adaeze Iweadinobi · adaeze.hashnode.dev · Feb 22, 2024
Code Injection: A HTML Perspective
In the realm of web security, HTML Injection stands as a pervasive threat, capable of compromising the integrity and functionality of web applications. In this article, I delve into the intricacies of HTML Injection, its exploitation, preventive meth...
Tag: HTML İnjection
El Hadramy Cheiguer · cheigro.hashnode.dev · Feb 15, 2024
Cross Site Scripting (XSS)
Cross Site Scripting: Attack occurs when application takes untrusted data and sends it to a web browser without proper validation or sanitization Search Example: https://google.com/search?q=<search term > https://google.com/search?q=<search term > <h...
Tag: XSS
Quang Phan · quangphan.hashnode.dev · Jan 30, 2024
Validate .NET Core input against Cross Site Scripting (XSS) (Part 2)
Let's examine an Azure Function that takes a string input request and subsequently serves that same data to the web for rendering. Assume the text below is the input: "<img src=x onerror=\"confirm('System Compromised')\">" Without any sanitization b...
Series: Security Journey - XSS prevention in Azure Function.
Tag: XSS
Quang Phan · quangphan.hashnode.dev · Jan 16, 2024
Protecting .NET Azure Function from Cross Site Scripting (XSS) (Part 1)
The Responsibilities: You can read more about XSS on the OWASP site here, but in short, XSS vulnerability involves our application storing potentially malicious HTML or JavaScript data in a storage location, such as a database or blob storage, and po...
Series: Security Journey - XSS prevention in Azure Function.
Tag: Azure Functions
Cafer Kara · caferkara.hashnode.dev · Jan 12, 2024
Laravel Security in 2024
In the ever-evolving landscape of web development, security is paramount. Laravel, a popular PHP web application framework, not only facilitates rapid development but also places a strong emphasis on security. In this article, we will delve into vari...
Tag: Laravel
Surabhi Suman · surabhisuman.in · Dec 18, 2023
XSS Demystified: Understanding and Preventing Cross-Site Scripting
It allows an attacker to execute a malicious arbitrary Javascript code within the web browser of victim user. This gives the attacker’s script privileged access to make requests to the server (such as same-origin cookies and storage permissions) and ...
Tag: XSS
prabhudarshan samal · cybercruxprabhu.hashnode.dev · Dec 17, 2023
Cross-site scripting(XSS) Remediation
Applications of cross-site scripting:- An attacker that uses a cross-site scripting flaw can usually do the following: Assume the identity of the victim user. Execute every action that the user is capable of. Read any data that the user has permissio...
Tag: WAPT
Ruheza, NS · blog.maentechie.com · Dec 9, 2023
Story of SSRF from Stored XSS in PDF generator application
Introduction PDF generator libraries, particularly those implemented using JavaScript, often face vulnerabilities to cross-site scripting (XSS) attacks, posing a challenge to the security of web applications. One primary reason for this lies in the d...
Tag: ssrfarticle