
Kali Linux Web Penetration Testing Cookbook by Gilberto Nájera-Gutiérrez


Identifying cross-site scripting (XSS) vulnerabilities

Cross-site scripting (XSS) is one of the most common vulnerabilities in web applications; in fact, it is ranked third in the OWASP Top 10 from 2013 (https://www.owasp.org/index.php/Top_10_2013-Top_10).

In this recipe, we will see some key points to identify a cross-site scripting vulnerability in a web application.

How to do it...

  1. Log in to DVWA and go to XSS reflected.
  2. The first step in testing for a vulnerability is to observe the normal response of the application. Enter a name in the text box and click on Submit. We will use Bob.
  3. The application used the name we provided to form a phrase. ...
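
The baseline-then-compare check from the steps above, as an added example (not code from the book or from DVWA): three constructed stand-ins for a page that builds a greeting from the submitted name, and a helper that reports which HTML metacharacters come back unencoded. All function names and the marker string are assumptions made for illustration.

```python
import html
import re
from typing import Optional

# Constructed marker: two unique delimiters around the characters HTML treats as markup.
START, END = "zq7a", "zq7b"
META = "<>\"'&"
PROBE = START + META + END

# Constructed stand-ins for a page that forms a phrase from the submitted name.
def render_unescaped(name: str) -> str:
    """Reflects the input verbatim into the HTML response."""
    return f"<pre>Hello {name}</pre>"

def render_tag_stripped(name: str) -> str:
    """Partial filter: drops angle brackets only, leaves quotes and '&' untouched."""
    return f"<pre>Hello {name.replace('<', '').replace('>', '')}</pre>"

def render_escaped(name: str) -> str:
    """Applies HTML output encoding before reflecting the input."""
    return f"<pre>Hello {html.escape(name, quote=True)}</pre>"

def unencoded_chars(body: str) -> Optional[set]:
    """Return the metacharacters reflected raw, or None if the marker is not in body."""
    m = re.search(re.escape(START) + r"(.*?)" + re.escape(END), body, re.S)
    if m is None:
        return None
    # Drop character references (&lt; &#x27; ...); metacharacters that remain were not encoded.
    leftover = re.sub(r"&(?:#\d+|#x[0-9a-fA-F]+|[a-zA-Z]+);", "", m.group(1))
    return {c for c in META if c in leftover}

if __name__ == "__main__":
    # Baseline first ("Bob"), then the marker, against each stand-in.
    for render in (render_unescaped, render_tag_stripped, render_escaped):
        baseline = render("Bob")
        raw = unencoded_chars(render(PROBE))
        verdict = "output encoding missing or partial" if raw else "encoded"
        print(f"{render.__name__}: baseline={baseline!r} raw={sorted(raw)} -> {verdict}")
```

An empty set means every metacharacter was encoded on output; any non-empty set marks a response that should be reviewed for the context in which the value is written.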
