XSS Methodology

  1. Discovery and Mapping:

  2. Generate Test Inputs:

  3. Submit and Observe:

  4. Context Analysis:

  5. Crafting XSS Payloads:

  6. Payload Testing:

  7. Browser Execution:

  8. Document Reflections and Payload Execution:

  9. Exploit Refinement:

  10. Automated Scanning:

  11. Test for Browser Quirks:

  12. Confirm Persistent Storage (Stored XSS):

  13. Check for Execution Context (DOM-based XSS):
