Find answers, ask questions, and connect with our
welcoming community.

Home Page Forums General Discussions Other alternatives to finding XSS ?

  • Other alternatives to finding XSS ?

    Posted by Anthony on June 21, 2021 at 9:19 pm

    What are some other uncommon ways to find XSS something that goes beyond your typical hunting methods. What could be a slight advantage in this game of bug hunting ?

    Anthony replied 1 year, 5 months ago 2 Members · 2 Replies
  • 2 Replies
  • Christophe

    Administrator
    June 25, 2021 at 3:33 pm

    Look for areas that are less likely to have been looked at already. This might mean jumping on a program as soon as it comes out, digging deep into an application to find panels or other areas that aren’t easily found at the surface level, or using/creating tools that monitor for changes in applications.

    For the last one, here’s what I mean: organizations deploy changes at different paces, but many strive to deploy frequently. Each deployment brings opportunity since things (endpoints, JS files, libraries, etc) change, sometimes things break, and new code/libraries/endpoints/etc means more things to test. By having a tool that monitors for those changes, you can get alerted and jump on it as soon as it happens – again, before others have a chance to do so.

    • Anthony

      Member
      June 25, 2021 at 4:17 pm

      Damn, its all a game of cat and mouse.