Tag feed

#xss-attacks

38 posts3 followers

Explore Hashnode

Alternatives

Trending tags this week

SKSreeram K Scode-as-a-story.hashnode.dev3d ago · 6 min read

What is XSS (Cross-Site Scripting)?

Story Time Imagine your office has a public notice board where anyone can walk up and pin messages like “Team lunch at 1 PM” and “Meeting moved to 3 PM”. Everyone trusts this board and whatever is wri

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 29 · 14 min read

DOM-Based XSS in DVWA

Introduction This post examines a DOM-based cross-site scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) and demonstrates how it can be exploited to achieve client-side code

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 25 · 12 min read

Stored XSS in DVWA

Introduction This post examines a Stored Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA), and demonstrates how it can be used to achieve persistent client-side c

0

EEEmma Engströmpentesting-dvwa.hashnode.devMar 19 · 14 min read

Reflected XSS in DVWA

Introduction This post demonstrates how a reflected Cross-Site Scripting (XSS) vulnerability in the Damn Vulnerable Web Application (DVWA) can be exploited to execute malicious client-side scripts in

0

SCShaishab Chandra Shilshaishab316.hashnode.devMar 15 · 4 min read

CSRF token to protect cookies

If you're storing session data or auth tokens in cookies, you're already one step ahead of localStorage. But cookies come with a well-known vulnerability — Cross-Site Request Forgery (CSRF). In this p

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devMar 14 · 16 min read

CSP Bypass in DVWA

1 Introduction In this post, the Content Security Policy (CSP) Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the

0

FKFrank Kelechi Ogefrankoge.comFeb 15 · 2 min read

The Two Bugs That Kill Startups: A Deep Dive into XSS and CSRF

You can have the cleanest React code, the fastest API, and the most beautiful UI. But if I can inject a script into your search bar that steals your users' session cookies, your startup is dead. Security is not an "add-on." It is a fundamental requi...

0

ARAshifur Rahamanaspnetcore.hashnode.devJan 26 · 4 min read

ASP.NET Core: Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is a security vulnerability that allows an attacker to inject malicious client-side scripts (usually JavaScript) into web pages viewed by other users. Unlike CSRF (which targets the server by tricking it into accepting a re...

0

CCCristhian Cano Bogadoparaguayandev.hashnode.devJan 15 · 4 min read

APEX_ESCAPE: ¿Proteges tus aplicaciones Oracle APEX contra XSS?

Cuando desarrollamos aplicaciones en Oracle APEX, solemos concentrarnos en la lógica del negocio, la experiencia de usuario y el rendimiento. Sin embargo, hay un aspecto crítico que muchas veces se pasa por alto hasta que es demasiado tarde: la segur...

0

NRNandhana R s30-days-of-attack.hashnode.devJan 6 · 3 min read

Day 5: Cross-Site Scripting (XSS) — When the Browser Becomes the Attacker

Introduction Cross-Site Scripting (XSS) is a client-side attack that exploits trust between a user’s browser and a web application. Unlike SQL Injection, which targets backend databases, XSS targets users directly by injecting malicious scripts into ...

0

#xss-attacks

Search Hashnode

#xss-attacks

Explore Hashnode

Trending tags this week

What is XSS (Cross-Site Scripting)?

DOM-Based XSS in DVWA

Stored XSS in DVWA

Reflected XSS in DVWA

CSRF token to protect cookies

CSP Bypass in DVWA

The Two Bugs That Kill Startups: A Deep Dive into XSS and CSRF

ASP.NET Core: Cross-Site Scripting (XSS)

APEX_ESCAPE: ¿Proteges tus aplicaciones Oracle APEX contra XSS?

Day 5: Cross-Site Scripting (XSS) — When the Browser Becomes the Attacker