XSS-keylogger – keylogging script that can be injected into websites vulnerable to cross-site scripting

free courses

A keylogging script that can be injected into websites vulnerable to cross-site scripting. The script tracks user keypresses by concatenating each keypress into a string that is POSTed to a server. The script can be found in file keylogscript.html and can be tested on file captainslog.html. The POST request is currently commented out, but if … Read moreXSS-keylogger – keylogging script that can be injected into websites vulnerable to cross-site scripting

Play Music HTML5 Audio XSS Payload

Play Music HTML5 Audio XSS Payload Script below allows you to share your favorite mp3 through your targets browser. Lets assume the XSS payload was injected in to a web page that supports unrestricted HTML an mp3 audio file would then play to the visitors of the compromised web page. [php]if(document.getElementById(‘xss_audio’) == null ) { … Read morePlay Music HTML5 Audio XSS Payload

How to Hack Web Browsers Using BeEF Framework

beef-xss-1

How to Hack Web Browsers Using BeEF (The Browser Exploitation Framework) What is BeEF? BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual … Read moreHow to Hack Web Browsers Using BeEF Framework

Exploit XSS with an Image: Force download

Welcome back today we will talk about Injecting some malicious XSS code into a Image. We will be using Kali Linux for this tutorial however you can use an operating system of your choice. We recommend using Linux. If you don’t already have Linux you can download Kali Linux from here. Cross Site Scripting is … Read moreExploit XSS with an Image: Force download

Subscribe to our newsletter!

yoast seo premium free