Day 68/100 Hack and Improvement
Day 68 brings static analysis of client-side JavaScript and an understandable XSS presentation.
Analysis of Client-side Javascript for Penetration Testers
From Rajesh Ranjan. #day68 comes with static analysis of client-side JavaScript for penetration testers.
In this article, the author explains how we can use the Wayback Machine to fetch the JavaScript files, get their response codes, and then beautify them to make them readable.
In the next step, we can use Jobert Abma's relative-url-extractor tool to gather some endpoints from the JavaScript files.
After that, we can use tools like DumpsterDiver to find secrets in the JavaScript files.
Here is the link to the complete article.
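The endpoint and secret steps above can be run as a pre-release check over your own beautified bundles. The following is an added example, not code from the article or from relative-url-extractor or DumpsterDiver; the regexes, the entropy threshold, and the sample JavaScript are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample standing in for a beautified JavaScript file.
SAMPLE_JS = r'''
const api = "/api/v1/users";
fetch('/internal/admin/export?format=csv');
var img = "/static/logo.png";
const key = "k9Xq2LmZ8vTr4BwYp7NcHs3JdGf6AeUo";
const label = "Submit your feedback";
'''

# Quoted string literals (single, double or backtick), honouring escapes.
STRING_RE = re.compile(r'''(["'`])((?:\\.|(?!\1)[^\\\n])*)\1''')
# Relative path: starts with "/" but not "//", optional query string.
PATH_RE = re.compile(r'^/(?!/)[A-Za-z0-9_\-./]+(?:\?[^\s#]*)?$')
STATIC_EXT = ('.png', '.jpg', '.gif', '.svg', '.css', '.woff', '.ico')


def string_literals(js):
    """Return the contents of every quoted string in the source."""
    return [m.group(2) for m in STRING_RE.finditer(js)]


def shannon_entropy(s):
    """Bits per character; random tokens score higher than words."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def relative_endpoints(js):
    """Relative URLs in string literals, with static assets filtered out."""
    found = set()
    for lit in string_literals(js):
        path = lit.split('?', 1)[0]
        if PATH_RE.match(lit) and not path.lower().endswith(STATIC_EXT):
            found.add(lit)
    return sorted(found)


def secret_candidates(js, min_len=20, min_entropy=4.0):
    """Long, space-free, high-entropy literals that deserve a manual look."""
    return [lit for lit in string_literals(js)
            if len(lit) >= min_len and ' ' not in lit
            and not lit.startswith('/')
            and shannon_entropy(lit) >= min_entropy]
```

Entropy hits are candidates only: hashes, minified identifiers and embedded assets also score high, so each one needs review before it is treated as a leaked credential.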
XSS Everywhere
For more information on how XSS happens in websites and where the payload is most often reflected in the code, Dr Nick Blundell brings an amazing presentation on XSS and how it gets bypassed and reflected in the code. You can find the presentation here.