How to Use XSpear for XSS Scanning and Parameter Analysis

Source: 岁月联盟 Editor: 猪蛋儿 Date: 2020-01-29
        }, {
            "id": 6,
            "type": "INFO",
            "issue": "REFLECTED",
            "method": "GET",
            "param": "cat",
            "payload": "rEfe6",
            "description": "reflected parameter"
        }, {
            "id": 7,
            "type": "INFO",
            "issue": "FILERD RULE",
            "method": "GET",
            "param": "cat",
            "payload": "onhwul=64",
            "description": "not filtered event handler on{any} pattern"
        }
    ....
    , {
            "id": 17,
            "type": "HIGH",
            "issue": "XSS",
            "method": "GET",
            "param": "cat",
            "payload": "",
            "description": "reflected HTML5 XSS Code"
        }, {
            "id": 18,
            "type": "HIGH",
            "issue": "XSS",
            "method": "GET",
            "param": "cat",
            "payload": "",
            "description": "reflected onfocus XSS Code"
     ....
        }, {
            "id": 24,
            "type": "HIGH",
            "issue": "XSS",
            "method": "GET",
            "param": "cat",
            "payload": "",
            "description": "triggered "
        }]
    }
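Added example, not part of the original article or the XSpear project: a Ruby script that triages a report of the shape shown above, grouping findings per parameter and separating confirmed HIGH results from the INFO rows that describe filter gaps. The sample rows are constructed from the fields visible above, and the wrapper key `issue_list` and all function names are assumptions.

```ruby
require "json"

# Constructed sample in the shape of the report fragment above; the wrapper
# key "issue_list" is an assumption, so load_findings accepts any wrapper key.
SAMPLE_REPORT = <<~'JSON'
  {"issue_list": [
    {"id": 6, "type": "INFO", "issue": "REFLECTED", "method": "GET",
     "param": "cat", "payload": "rEfe6", "description": "reflected parameter"},
    {"id": 7, "type": "INFO", "issue": "FILERD RULE", "method": "GET",
     "param": "cat", "payload": "onhwul=64",
     "description": "not filtered event handler on{any} pattern"},
    {"id": 17, "type": "HIGH", "issue": "XSS", "method": "GET",
     "param": "cat", "payload": "", "description": "reflected HTML5 XSS Code"},
    {"id": 18, "type": "HIGH", "issue": "XSS", "method": "GET",
     "param": "cat", "payload": "", "description": "reflected onfocus XSS Code"}
  ]}
JSON

# Return the findings array, whether the input is a bare array or an object wrapping one.
def load_findings(text)
  doc = JSON.parse(text)
  list = doc.is_a?(Hash) ? doc.values.find { |v| v.is_a?(Array) } : doc
  raise ArgumentError, "no findings array in report" unless list.is_a?(Array)
  list.select { |f| f.is_a?(Hash) && f.key?("type") && f.key?("param") }
end

# One row per (method, param), so each input is triaged once.
def triage(findings)
  findings.group_by { |f| [f["method"], f["param"]] }.map do |(method, param), items|
    high = items.select { |f| f["type"] == "HIGH" }
    # Heuristic on the description text seen above: these rows name what the filter misses.
    gaps = items.select { |f| f["description"].to_s.start_with?("not filtered") }
    { method: method, param: param,
      counts: items.group_by { |f| f["type"] }.transform_values(&:size),
      confirmed: high.map { |f| f["description"] },
      filter_gaps: gaps.map { |f| f["description"] },
      fix_first: !high.empty? }
  end
end

# A build gate: fail when any parameter has a HIGH finding.
def gate_failed?(rows)
  rows.any? { |r| r[:fix_first] }
end

if __FILE__ == $PROGRAM_NAME
  rows = triage(load_findings(SAMPLE_REPORT))
  rows.each { |r| puts r }
  puts "gate: #{gate_failed?(rows) ? 'FAIL' : 'PASS'}"
end
```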
To use XSpear in Burp Suite, click [here].
Sample scan logs
Scanning for XSS:
xspear -u "http://testphp.vulnweb.com/listproducts.php?cat=z"
