Cross-Site Scripting (XSS)
Reflected XSS:
- Look for parameters and user inputs that are reflected back in the page without proper encoding.
- Use fuzzing with a list of XSS payloads to test how inputs are sanitized.
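As an added example (not part of the original checklist), a small JavaScript helper that distinguishes a parameter echoed back raw from one echoed back HTML-encoded; the response bodies are constructed samples, and the probe value and function names are this example's own assumptions:

```javascript
// Added example: classify how a response reflects a probe value. The sample
// response bodies below are constructed, not captured traffic.

// Entity-encode text destined for an HTML element body or a double-quoted
// attribute. Other contexts (JS strings, URLs, CSS) need their own encoders.
function htmlEncode(value) {
  return String(value).replace(/[&<>"'\/]/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
  })[ch]);
}

// Probe containing the HTML metacharacters that matter. It is inert on its
// own; the point is whether the server returns it unchanged.
const PROBE = 'zq<"\'&>zq';

// Result values:
//   'unencoded' - the raw metacharacters came back verbatim (needs fixing)
//   'encoded'   - only the entity-encoded form is present
//   'absent'    - the value was not reflected at all
function classifyReflection(body, probe = PROBE) {
  if (body.includes(probe)) return 'unencoded';
  if (body.includes(htmlEncode(probe))) return 'encoded';
  return 'absent';
}

// Constructed responses for a search page that echoes its ?q= parameter.
const SAMPLES = {
  vulnerable: `<p>Results for ${PROBE}</p>`,        // raw echo
  safe: `<p>Results for ${htmlEncode(PROBE)}</p>`,  // encoded echo
  noEcho: '<p>No results</p>',                      // not reflected
};

// Run the classifier over every sample and return a name -> result map.
function runChecks() {
  return Object.fromEntries(
    Object.entries(SAMPLES).map(([name, body]) => [name, classifyReflection(body)])
  );
}

console.log(runChecks());
```

The 'encoded' verdict only holds for element-body and attribute contexts; a value reflected inside a script block or an event-handler attribute can still be exploitable after HTML entity encoding.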
Stored XSS:
- Test all inputs that could be stored and displayed to other users (comments, profiles, etc.).
- Pay special attention to rich-text fields which may allow HTML content.
DOM-based XSS:
- Investigate client-side scripts to identify points where user-supplied input may modify the DOM.
- Use browser developer tools to trace how JavaScript handles user-supplied input.
Cross-Site Request Forgery (CSRF)
Simple CSRF:
- Check for forms and state-changing requests that do not have CSRF tokens or other anti-CSRF mechanisms.
- Attempt to craft malicious requests that could be sent from an attacker-controlled site.
SQL Injection
Basic SQL Injection:
- Enter classic payloads like ' OR '1'='1 to…