You already know this one, right? Just a quick reminder: this flaw is exploited when the attacker can execute JavaScript on the browser (reflected, stored, or DOM-based).
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Building a Vulnerable Web Application Lab
- Kali Linux Installation
- Delving Deep into the Usage of Kali Linux
- All About Using Burp Suite
- An introduction to Burp Suite
- A quick example 
- Visualizing the application structure using Burp Target 
- Intercepting the requests/responses using Burp Proxy
- Crawling the web application using Burp Spider
- Looking for web vulnerabilities using the scanner
- Replaying web requests using the Repeater tab
- Fuzzing web requests using the Intruder tab
- Installing third-party apps using Burp Extender
- Summary
- Understanding Web Application Vulnerabilities
- File Inclusion
- Cross-Site Scripting
- Cross-Site Request Forgery
- SQL Injection
- Command Injection
- OWASP Top 10
- 1 – Injection
- 2 – Broken Authentication
- 3 – Sensitive Data
- 4 – XML External Entities
- 5 – Broken Access Control
- 6 – Security Misconfiguration
- 7 – Cross-Site Scripting (XSS)
- 8 – Insecure Deserialization
- 9 – Using Components with Known Vulnerabilities
- 10 – Insufficient Logging & Monitoring
- Summary
- Application Security Pre-Engagement
- Application Threat Modeling
- Software development life cycle
- Application Threat Modeling at a glance
- Application Threat Modeling in real life
- Application Threat Modeling document parts
- Practical example
- Summary
- Source Code Review
- Network Penetration Testing
- Web Intrusion Tests
- Pentest Automation Using Python
- Nmap Cheat Sheet
- Metasploit Cheat Sheet
- Netcat Cheat Sheet
- Networking Reference Section
- Python Quick Reference
- Other Books You May Enjoy
7 – Cross-Site Scripting (XSS)
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.