check for XSS site
Hello!
Tell me, how can you test your websites for XSS vulnerabilities?
For example, to post to the form that something happened.
xss
asked
Mar 21, 2019
by
rom2
5
Answers
Hire a pentester / hacker with experience to check manually. For more efficiency you can provide access to the source code.
There are of course automated tools, like Acunetix Web Vulnerability Scanner (is in Milan), but their effectiveness in non-trivial cases is quite questionable.
answered
Mar 23, 2019
by
rom2
ha.ckers.org/xss.html
answered
Mar 23, 2019
by
Lux_In_Tenebris
Usually check this:
alert('aa');
If your site has many forms, it is best to use a program to search for vulnerabilities. One of the most advanced is considered to be Acunetix Web Security Scanner; you will be able to find it on torrents.
answered
Mar 23, 2019
by
habrrich
Hi!
The best way to test a website for XSS is to check the source code.
The main cause of XSS is a lack of filtering of user input (&, <, >, ", ').
Most modern ORMs and templating languages escape user data, which should protect against XSS. Unfortunately, developers often turn off these checks by hand.
Learn more about how to protect your code from XSS:
https://www.owasp.org/index.php/XSS_(Cross_Site_Sc...
How to bypass filters and to introduce XSS:
https://www.owasp.org/index.php/XSS_Filter_Evasion...
By the way, I'm one of the developers of a vulnerability scanner, which covers XSS as well:
https://metascan.ru
You can try the scanner, or just ask our children.
answered
Mar 23, 2019
by
Scat
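The cause named in the answer above (user input reaching HTML without escaping of &, <, >, ", ') can be checked in your own rendering code with a harmless canary string. This is an added example, not part of the original answers; the function names (escapeHtml, renderUnsafe, renderSafe, rawReflections) and the canary value are hypothetical.

```javascript
// Added example; all function names here are hypothetical.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters in one pass, so the '&' inside a produced
// entity is never escaped a second time.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// "Before": user input concatenated straight into markup.
function renderUnsafe(comment) {
  return '<p class="comment">' + comment + '</p>';
}

// "After": the same template with the input escaped.
function renderSafe(comment) {
  return '<p class="comment">' + escapeHtml(comment) + '</p>';
}

// Harmless marker followed by the five characters (constructed test input).
const MARKER = 'xsscanary';
const SPECIALS = ['<', '>', '"', "'", '&'];

// Feed the canary to a render function and report which special characters
// come back unescaped. Returns null when the marker is not reflected at all.
function rawReflections(render) {
  const out = String(render(MARKER + SPECIALS.join('')));
  let pos = out.indexOf(MARKER);
  if (pos === -1) return null;
  pos += MARKER.length;
  const raw = [];
  for (const ch of SPECIALS) {
    // The apostrophe has several equivalent encodings; accept all of them.
    const forms = ch === "'" ? ['&#39;', '&#039;', '&#x27;', '&apos;'] : [ENTITIES[ch]];
    const hit = forms.find((e) => out.startsWith(e, pos));
    if (hit) { pos += hit.length; continue; }
    if (out[pos] === ch) { raw.push(ch); pos += 1; }
    // Otherwise the character was stripped or altered; nothing to record.
  }
  return raw;
}

console.log('unsafe template reflects raw:', rawReflections(renderUnsafe));
console.log('safe template reflects raw:  ', rawReflections(renderSafe));
```

An empty list means every special character came back encoded; any character in the list marks a template where escaping is missing or was switched off.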
Thank you all!
answered
Mar 23, 2019
by
codecity