O'Reilly logo

How to Attack and Defend Your Website by Alejandro Caceres, Henry Dalziel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 2

Exploitation

Abstract

We take a closer look at the Burp Suite site map and Spider. This chapter then covers bypassing client-side controls, cross-site scripting (XSS), and how to use Stored XSS to deface a website.

Keywords

Burp Suite site map
HTTP requests
bypassing client-side controls
SQL injection
SQL syntax
MySQL database
MySQL shell
password hashing
cross-site scripting
Let us look at the Burp Suite site map and Spider.
image
Image 27
Within Burp Suite we have selected the “Target” tab and then the “Sitemap” (see Image 27).
What you see is a list of the targets that Burp Suite will automatically pick up as you browse around ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required