Sam Paredes (CoffeeJunkie)

Sam Paredes (CoffeeJunkie)

Cybersecurity student and pentester in continuous development.

Day 68/100 Hack and Improvement

less than 1 minute read

Day 68 bring static analysis of client-side Javascript and an understandable XSS presentation.

Analysis of Client-side Javascript for Penetration Testers

From Rajesh Ranjan. #day68 comes with static analysis of client-side Javascript for Penetration Testers

In this article, the author has explained that, how we can use the wayback Machine to fetch the Javascript files, Geting their response codes, and then beautify them to make them readable.

In the next step, we can use Jobert Abma, relative-url-extractor tool to gather some endpoints from the Javascript file

In this step, we can use some tools like DumpsterDiver, to find the secrets from the Javascript file.

Here is the link of complete article

XSS Everywhere

Trying to find more information on how XSS happens in websites and where mostly we can find the payload reflected in the code, Dr Nick Blundell brings an amazing presentation on XSS and how it gets bypassed and reflected in the code. You can find the presentation here

nmap scan

Leave a comment

You may also enjoy

Day 97/100 Hack and Improvement

less than 1 minute read

Due to travel reasons #100daystohackandimprove moved to twitter. The following days will be posted on Twitter till day 97.