Our community has moved to Discord. Join us there!
Cybr.com/Discord
These forums are still up for historical purposes.

Home Page Forums General Discussions Other alternatives to finding XSS ? Reply To: Other alternatives to finding XSS ?

  • Christophe

    Administrator
    June 25, 2021 at 3:33 pm

    Look for areas that are less likely to have been looked at already. This might mean jumping on a program as soon as it comes out, digging deep into an application to find panels or other areas that aren’t easily found at the surface level, or using/creating tools that monitor for changes in applications.

    For the last one, here’s what I mean: organizations deploy changes at different paces, but many strive to deploy frequently. Each deployment brings opportunity since things (endpoints, JS files, libraries, etc) change, sometimes things break, and new code/libraries/endpoints/etc means more things to test. By having a tool that monitors for those changes, you can get alerted and jump on it as soon as it happens – again, before others have a chance to do so.