Member-only story
TryHackme — Cross-Site Scripting
Malicious Script Injection
Non members get free access link
Welcome back amazing hackers with the prosperous new year 2022. I came up with a cool blog on the interesting topic of cross-site scripting.
One of the security vulnerabilities found on the web application. Attackers use these malicious scripts and must be executed into the victim machine.
Types involve in cross-site site scripting are :
- Stored XSS
- Reflected XSS
- DOM XSS
Cross-Site Scripting can do many things like :
- Cookies-Stealing — Using cross-site scripting which can steal cookies from the unauthenticated sessions.
- Keylogging — Using cross-site which makes for capturing keystrokes.
- Web-Cam Snapping — Taking snapshots from compromised machine
- Phishing — Attackers insert fake login forms in a legit website or redirect into a malicious website.
- Port-Scanning — It is used for scanning the internal networks and identifying lists of hosts present in a network.
- Other-browser exploits
Stored XSS: