Pentesting notes

Ctrlk

[XSS Exploitation]

Introduction Launching Attacks from Victim's Session Enumerating Internal APIs Exploiting Internal Web Apps I Exploiting Internal Web Apps II Content-Security Policy (CSP)Bypassing Weak CSPs XSS Filter Bypasses XSS Prevention

PreviousCSRF Prevention NextIntroduction

Last updated 2 months ago