Complete Cross site Scripting(XSS) cheat sheets : Part 1

We are producing this XSS Cheat sheet after collecting the codes from hackers’ techniques and different sites especially .  This is complete list of XSS cheat codes which will help you to test xss vulnerabilities ,useful for bypassing the filters.  If you have any different cheat codes , please send your code. Basic XSS […]

Complete Cross Site Scripting(XSS) Guide : Web Application Pen Testing

Hello BTS readers, Here is complete series that explains everything about the Cross site scripting.  Still more articles are on the way, Stay tuned to BreakTheSec..!Link To Tutorials: Cross Site Scripting(XSS) Basics DOM Based XSS attack XSS Filter Bypass Techniques Self-XSS (Cross Site Scripting) :Social Engineering Attack and Prevention  XSS Cheat Sheet  XSS Attacks Examples […]

How to do Cookie Stealing with Cross site Scripting Vulnerability ? : XSS Tutorials

Hope, you are now familiar with XSS vulnerability (if you don’t know what it is, read the beginners xss tutorial). It is my Fourth article about the XSS Vulnerability Testing(PenTesting)..! Today i am going to explain how an attacker exploit XSS vulnerability and steal cookie from users. Warning!!! BTS does not take responsibility, if anyone, […]

Bypassing the XSS Filters : Advanced XSS Tutorials for Web application Pen Testing

copyrights reserved © BreakTheSecurity Hi friends, last time, i explained what is XSS and how an attacker can inject malicious script in your site. As i promised earlier, i am writing this advanced XSS tutorial for you(still more articles will come). Sometimes, website owner use XSS filters(WAF) to protect against XSS vulnerability.For eg: if you […]

“Simple Upload 53” Vulnerability allows Hacker to upload Shell

Web Application vulnerability in “Simple Upload 53” PHP file allows an attacker to upload Backdoor shell code in your website. “inurl:simple-upload-53.php” using this google search , you can find the vulnerable Sites. If you want to find the vulnerability in your web application, use this google dark:“inurl:simple-upload-53.php” After you search in google; if you […]

What is Blind Sql Injection ? Web Application Vulnerability Tutorial

Blind SQL injection technique is used when the web application is vulnerable but the output doesn’t display to the attacker. When hacker tries SQL injection, they will redirect to some other pages instead of error message. Blind SQL Injection is harder to implement when compared with the above Traditional SQL Injection Technique, it will take […]

Cross Site Scripting(XSS) Complete Tutorial for Beginners~ Web Application Vulnerability

What is XSS?Cross Site Scripting also known as XSS , is one of the most common web appliction vulnerability that allows an attacker to run his own client side scripts(especially Javascript) into web pages viewed by other users. In a typical XSS attack, a hacker inject his malicious javascript code in the legitimate website . […]

Introduction to Web Application Firewall (WAF) ~ Website Security

What is WAF?WAF is expanded as Web Application Firewall. WAF is server side application that controls the input and output(filter the HTTP communication).  It controls network traffic on any OSI Layer up to Application Layer.  The main purpose of WAF is to provide better protection over the top Wep Application vulnerability such as XSS(Cross Site Scripting), SQL […]