Do you know how to bypass single quote (') or double quote (") escaping or the backslash too for xss ?

thegovenor · 04.09.2023

I appreciate any help

grozdniyandy · 05.09.2023

It has to be manually tested. I prefer for you to use polyglots - https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot
There are also common methods like htmlencoding, urlencoding, double html/url encoding and etc.

thegovenor · 08.09.2023

mucho gracias

frankish · 08.09.2023

normally you would HTML encode or URL encode

grozdniyandy сказал(а):

It has to be manually tested. I prefer for you to use polyglots - https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot
There are also common methods like htmlencoding, urlencoding, double html/url encoding and etc.

thanks didn't know about this one!

raywood · 09.09.2023

https://infosecwriteups.com/how-to-bypass-xss-filters-a-practical-example-3189877fe2ce https://infosecwriteups.com/how-to-bypass-xss-filters-a-practical-example-3189877fe2ce

frankish · 15.09.2023

raywood сказал(а):

https://infosecwriteups.com/how-to-bypass-xss-filters-a-practical-example-3189877fe2ce https://infosecwriteups.com/how-to-bypass-xss-filters-a-practical-example-3189877fe2ce

any tools to search this like the one posted before?

Do you know how to bypass single quote (') or double quote (") escaping or the backslash too for xss ?

thegovenor

floppy-диск

grozdniyandy

White-Hat

thegovenor

floppy-диск

frankish

HDD-drive

raywood

RAID-массив

frankish

HDD-drive