daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,873 Commits
17 Branches
0 Tags
160 MiB
Commit Graph

12 Commits (7a8e56145fb8541a78098da2f7b2b2ee38726d25)

Author SHA1 Message Date
bauthard b2c07e0db6 matcher update 2020-12-02 10:01:03 +05:30
un-fmunozs 35b585fc3a Update basic-xss-prober.yaml 
IMHO its better to test for text/html to report a possible XSS, there are a more content types that could cause reflect the content and dont have a XSS. like javascript, css, plaintext files, etc.
 2020-12-01 22:11:07 -05:00
bauthard ac20c65da4 Update top-15-xss.yaml 2020-11-26 23:29:40 +05:30
Geeknik Labs 0ceb8d218a
Update top-15-xss.yaml 
Makes sense to number the payloads to easily show which parameter is vulnerable.
 2020-11-26 16:10:09 +00:00
Geeknik Labs acae0a9d48
Update top-15-xss.yaml 
Fine tuning the template. Sometimes a host will redirect the original request to another page or subdomain and the XSS happens on that page instead of with the original request. I believe a max-redirects of 1 should be sufficient.
 2020-11-03 18:00:38 +00:00
bauthard a32e2e7540 Update basic-xss-prober.yaml 2020-11-02 20:55:36 +05:30
Geeknik Labs 5e911f5cd9
Update basic-xss-prober.yaml 
Hoping to cut down on false positives by ignoring reflections from JSON API endpoints
 2020-11-02 15:04:05 +00:00
Omri Inbar f295f578ee
Wasn't working because it was the wrong char 
changed the ' to " in matcher
 2020-10-14 11:20:58 +03:00
un-fmunozs a3f5b133a0 Update top-15-xss.yaml 
spaces again.
 2020-09-04 02:49:39 -05:00
un-fmunozs 1b3ab5b5ea Update top-15-xss.yaml 2020-09-04 02:46:30 -05:00
un-fmunozs 829812e4da Update top-15-xss.yaml 
All the parameters were sent as a big "unique" parameter.  Try it against  https://httpbin.org/get? with -debug and compare the output.
 2020-09-04 02:29:18 -05:00
bauthard 9ab0c904c8 updating templates 2020-08-15 14:18:23 +05:30