Chapter 2

Exploitation

Abstract

We take a closer look at the Burp Suite site map and Spider. This chapter then covers bypassing client-side controls, cross-site scripting (XSS), and how to use Stored XSS to deface a website.

Keywords

Burp Suite site map

HTTP requests

bypassing client-side controls

SQL injection

SQL syntax

MySQL database

MySQL shell

password hashing

cross-site scripting

Let us look at the Burp Suite site map and Spider.

Within Burp Suite we have selected the “Target” tab and then the “Sitemap” (see Image 27).

What you see is a list of the targets that Burp Suite will automatically pick up as you browse around ...

Get How to Attack and Defend Your Website now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

How to Attack and Defend Your Website by Henry Dalziel, Alejandro Caceres

Exploitation

Abstract

Keywords

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly