Hello!
Today I will show u how to detect XSS vulnerability in some site with automated tool and Kali Linux. 
We will consider the following points:
[1] XSS - Introduction for newbies
[2] Automated XSS tools for scanning
[3] Testing...

Introduction
> Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code. The web page or web application becomes a vehicle to deliver the malicious script to the user’s browser. Vulnerable vehicles that are commonly used for Cross-site Scripting attacks are forums, message boards, and web pages that allow comments. A web page or web application is vulnerable to XSS if it uses unsanitized user input in the output that it generates. This user input must then be parsed by the victim’s browser. XSS attacks are possible in VBScript, ActiveX, Flash, and even CSS. However, they are most common in JavaScript, primarily because JavaScript is fundamental to most browsing experiences.


Enjoy! 🙄

worth learning,

great tutorails sir

Very thanks

great tutorails sir

(November 15, 2022, 02:02 PM)lord_x Wrote: Hello!
Today I will show u how to detect XSS vulnerability in some site with automated tool and Kali Linux. 
We will consider the following points:
[1] XSS - Introduction for newbies
[2] Automated XSS tools for scanning
[3] Testing...

Introduction
> Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code. The web page or web application becomes a vehicle to deliver the malicious script to the user’s browser. Vulnerable vehicles that are commonly used for Cross-site Scripting attacks are forums, message boards, and web pages that allow comments. A web page or web application is vulnerable to XSS if it uses unsanitized user input in the output that it generates. This user input must then be parsed by the victim’s browser. XSS attacks are possible in VBScript, ActiveX, Flash, and even CSS. However, they are most common in JavaScript, primarily because JavaScript is fundamental to most browsing experiences.


Enjoy! 🙄

 thanks

thanks for sharing

Let's check It should be good

(November 15, 2022, 02:02 PM)tuan_x Wrote: Halo!
Hari ini saya akan menunjukkan kepada Anda bagaimana mendeteksi kerentanan XSS di beberapa situs dengan alat otomatis dan Kali Linux. 
Kami akan mempertimbangkan poin-poin berikut:
[1] XSS - Pengantar untuk pemula
[2] Alat XSS otomatis untuk pemindaian
[3] Menguji...

Pendahuluan
> Cross-site Scripting (XSS) adalah serangan injeksi kode sisi klien. Penyerang bertujuan untuk mengeksekusi skrip berbahaya di browser web korban dengan memasukkan kode berbahaya di halaman web atau aplikasi web yang sah. Serangan sebenarnya terjadi ketika korban mengunjungi halaman web atau aplikasi web yang menjalankan kode berbahaya. Halaman web atau aplikasi web menjadi kendaraan untuk mengirimkan skrip berbahaya ke browser pengguna. Kendaraan rentan yang biasa digunakan untuk serangan Cross-site Scripting adalah forum, papan pesan, dan halaman web yang memungkinkan komentar. Halaman web atau aplikasi web rentan terhadap XSS jika menggunakan input pengguna yang tidak bersih dalam output yang dihasilkannya. Input pengguna ini kemudian harus diuraikan oleh browser korban. Serangan XSS dimungkinkan di VBScript, ActiveX, Flash, dan bahkan CSS. Namun,


Menikmati!🙄

Thank you

thanks for sharing