Skip to Main Content
Web Penetration Testing with Kali Linux 2.0, Second Edition
book

Web Penetration Testing with Kali Linux 2.0, Second Edition

by Juned Ahmed Ansari
November 2015
Intermediate to advanced content levelIntermediate to advanced
312 pages
7h 18m
English
Packt Publishing
Content preview from Web Penetration Testing with Kali Linux 2.0, Second Edition

Types of cross-site scripting

The main aim of XSS is to execute JavaScript on the victim's browser but there are different ways to achieve it, depending on the design and purpose of the website. There are three major categories of XSS:

  • Persistent XSS
  • Reflected XSS
  • DOM XSS

Persistent XSS

This form of cross-site scripting is also known as stored XSS. A XSS flaw is called a persistent XSS when the injected data is stored on the webserver or the database on the server side and the application serves it back to the user without validation. An attacker whose aim is to infect every visitor of the website would use the persistent XSS attack, which would enable him or her to exploit the website on a large scale.

Typical targets of persistent XSS flaws are as ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

Joseph Muniz, Aamir Lakhani
Hands-On AWS Penetration Testing with Kali Linux

Hands-On AWS Penetration Testing with Kali Linux

Karl Gilbert Gupta, Benjamin Caudill

Publisher Resources

ISBN: 9781783988525