Leunam's PortSwigger

Ctrlk

01 SQL Injection
02 Cross-site scripting
03 CSRF
04 Clickjacking
06 CORS
10 OS Comand Injection
12 Path traversal
13 Access Control Vulnerability
14 Authentication
15 WebSockets
16 Web cache deception
20 HTTP Host header attacks
22 File Upload vulnerabilities
28 NoSQL Injection
29 API Testing

Powered by GitBook

On this page

02 Cross-site scripting

03 Lab: DOM XSS in document.write sink using source location.search inside a select element 04 Lab: DOM XSS in innerHTML sink using source location.search 06 Lab: DOM XSS in jQuery selector sink using a hashchange event 07 Lab: Reflected XSS into attribute with angle brackets HTML-encoded 08 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded 09 Lab: Reflected XSS into a JavaScript string with angle brackets HTML encoded 22 Lab: Exploiting cross-site scripting to steal cookies 24 Lab: Exploiting XSS to bypass CSRF defenses

Previous14 Lab: Blind SQL injection with time delays Next03 Lab: DOM XSS in document.write sink using source location.search inside a select element

Last updated 9 months ago